Investigate Events Using Contextual Cross-Launch
Before you begin
If the resource you will access requires credentials, make sure you have those credentials.
Procedure
Step 1 | In the Secure Firewall Management Center, click . |
Step 2 | Right-click the event of interest and choose the contextual cross-launch resource to use. If necessary, scroll down in the context menu to see all available options. The data type you right-click on determines the options you see; for example, if you right-click an IP address, you will only see contextual cross-launch options that are relevant to IP addresses. For example, to get threat intelligence from Cisco Talos about a source IP address in the intrusion event, choose Talos SrcIP or Talos IP. If a resource includes multiple variables, the option to choose that resource is available only for events that have a single possible value for each included variable. The contextual cross-launch resource opens in a separate browser window. It may take some time for the query to be processed, depending on the amount of data to be queried, speed of and demand on the resource, and so on. |
Step 3 | Sign in to the resource if necessary. |