Cisco Cisco Firepower Management Center 2000

The Event Logging Settings control whether discovery and host input events are logged. If you do not 
log an event, you cannot retrieve it in event views or use it to trigger correlation rules. 

Admin/Discovery Admin

Click the edit icon (

) next to 

. 

The Event Logging Settings pop-up window appears.

Select or clear the check boxes next to the discovery and host input event types you want to log in the 
database. See 

 and 

 for information about each event type.

Click 

 to save the event logging settings and return to the Advanced tab of the network discovery 

policy. 

You must apply the network discovery policy for your changes to take effect. For more 
information, see 

FireSIGHT

You can add new active sources through this page, or change the priority or timeout settings for existing 
sources. Note that adding a scanner to this page does not add the full integration capabilities that exist 
for the Nmap scanners, but does allow integration of imported third-party application or scan results. If 
you import data from a third-party application or scanner, remember to make sure that you map 
vulnerabilities from the source to the vulnerabilities in the network map. For more information, see 

.

Admin/Discovery Admin

Click the edit icon (

) next to 

. 

The Edit OS and Server Identity Sources pop-up window appears. 

To add a new source, click 

. 

The Add Identity Source pop-up window appears.

Type a 

 for the source. 

Select the input source type from the 

 drop-down list:

Select 

if you plan to import scan results using the AddScanResult function.

Select 

 if you do not plan to import scan results.

To indicate the duration of time that should elapse between the addition of an identity to the network 
map by this source and the deletion of that identity, select 

, 

, or 

 from the 

 

drop-down list and type the appropriate duration.