Cisco Defense Orchestrator (CDO) provides several reports that you can use to analyze the impact of your security policies on the traffic going through your Firepower Threat Defense (FTD) devices. An executive summary report summarizes the most impactful malware, threats, and impacted security intelligence. CDO polls devices every hour to collect events. To learn more about what the executive summary offers, see FTD Executive Summary Report for more information.
Important: The data used in traffic-related reports is collected from events triggered by the access control rules, and other security policies. The generated report does not reflect traffic for rules where logging is not enabled, or rules that have not been triggered. Ensure that you configure your rules with the information that matters to you.
Note that if you are a Security Analytics and Logging subscriber, Network Reports do not reflect the events forwarded to the Secure Event Connector.
To generate an FTD Executive Summary Report:
- In the navigation pane, click Monitoring > Executive Summary Report.
- Select the time range for the reports: Last 24 Hours, Last 7 Days, Last 30 Days, or Last 90 Days.
- (Optional) Click the filter icon to generate a report on a custom list of devices.
- Click Generate Report (PDF).
- Click Save to save the report as a PDF. Browse for the save location and click Save. If you decide not to save the report, click Cancel at any time.