EventLog Analyzer supports Cisco FirePower Firewall and provides out-of-box reports for the following categories of events:
- FirePower Events: Information on all events on FirePower devices
- Firewall Allowed and Denied Traffic: Insights on traffic based on source, destination, protocol and port, and traffic trends.
- Firewall Website Traffic: Traffic reports based on source, destination and website traffic trend reports
- Firewall IDS/IPS Events: Insights on attacks based on source and destination IP address, also provides a report on attack trends
- Device Severity Reports: Emergency, alerts, critical, error, warning, and notice, information and debug events
FirePower reports dashboard
- Go to the Reports section. Select FirePower from the displayed list of vendors.
- Click Select Device and choose the FirePower devices for which you need the reports. Click Add.
- You can set filter criteria for events based on Device, Severity and Message. Use logical operators as required.
- Select the Period for which you want the data to be displayed and click Apply.
- The graphs can be viewed in multiple formats. To switch to a different graph format, click the drop down button.
- This panel lists all the available out-of-box reports for FirePower. Select the report you want to view.
- To export the report in view, click Export as and choose the format. Once done, you can download the report.
- Click Schedule to have this report automatically generated, exported and emailed to the specified users in the desired format, at the specified times.
- Click More for further customization options.
- Set as Default, to set this report as the default for FirePower reports.
- Add to Favorites, to mark this report as favorite.
- Pin to dashboard, to pin this report to the main dashboard in the Home page.