Skip to main content

 

 

Cisco Defense Orchestrator

Object Filters

About Object Filters

You can use many different filters on the Objects page to find objects you are looking for. The object filter allows you to filter by device, issue type, shared objects, unassociated objects, and object type. You can include system objects in your results or not. You can also use the search field to search for objects in the filter results that contain a certain name, IP address, or port number.

When filtering objects, Defense Orchestrator “and’s” filtering categories and “or’s” the filters within filtering categories. 

object_filter.pngThe selected filters in this filter bar would return objects that match the following criteria:

    * Objects that are on one of two devices. (Click Filter by Device to specify the devices.) AND are

     * Inconsistent objects AND are

     * Network objects OR Service objects AND 

    * Have the word "group" in their object naming convention

Because Show System Objects is checked, the result would include both system objects and user-defined objects.

Show System Objects Filter

Some devices come with pre-defined objects for common services. These system objects are convenient because they are already made for you and you can use them in your rules and policies. There can be many system objects in the objects table. System objects cannot be edited or deleted. 

Show System Objects is "off" by default. To display system objects in the object table, check Show System Objects in the filter bar. To hide system objects in the object table, leave Show System Objects unchecked in the filter bar.

If you hide system objects, they will not be included in your search and filtering results. If you show system objects, they will be included in your object search and filtering results.

 

 

 

Configure Object Filters

You can filter on as few or as many criteria as you want. The more categories you filter by, the fewer results you should expect.  

  1. Click Objects in the navigation bar to view the Objects page. 
  2. Open the filter panel by clicking the filter icon filter_icon.png at the top of the page. Uncheck any filters that have been checked to make sure no objects are inadvertently filtered out. Additionally, look at the search field and delete any text that may have been entered in the search field.
  3. If you want to restrict your results to those found on particular devices:
    1. Click Filter By Device.
    2. Search all the devices or click a device tab to search for only devices of a certain kind.
    3. Check the device you want to include in your filter criteria.
    4. Click OK
  4. Check Show System Objects to include system objects in your search results. Uncheck Show System Objects to exclude system objects from your search results.
  5. Check the object Issues you want to filter by. If you check more than one issue, objects in any of the categories you check are included in your filter results.
  6. Check Ignored issues if you want to see object that had issues but were ignored by the administrator.
  7. Check Shared if you are filtering foe objects shared between two or more devices.
  8. Check Unassociated if you are filtering for objects that are not part of any rule or policy. 
  9. Check the Object Types you want to filter by.
  10. You can also add an object name, IP address, or port number to the Objects search field to find objects with your search criteria among the filtered results.

When to Exclude a Device from Filter Criteria

When adding a device to filtering criteria, the results show you the objects on a device but not the relationships of those objects to other devices. For example, assume ObjectA is shared between ASA1 and ASA2. If you were to filter objects to find shared objects on ASA1, you would find ObjectA but the Relationships pane would only show you that the object is on ASA1. 

To see all the devices to which an object is related, don't specify a device in your search criteria. Filter by the other criteria and add search criteria if you choose to. Select an object that Defense Orchestrator identifies and then look in the Relationships pane. You will see all the devices and policies the object is related to.

  • Was this article helpful?