https://community.cisco.com/t5/network-security/firesight-report/m-p/3037602#M42976 <P>Hi,</P> <P>Based on the attached screenshot on the report.</P> <P>What is the root cause IP and destination IP for faceboook application ?</P> <P>Can we find in the firesight analysis ?</P> <P></P> <P>Appreaciate it thank you</P> <P></P> Sun, 10 Mar 2019 13:48:56 GMT sahrizal123 2019-03-10T13:48:56Z https://community.cisco.com/t5/network-security/firesight-report/m-p/3037602#M42976 <P>Hi,</P> <P>Based on the attached screenshot on the report.</P> <P>What is the root cause IP and destination IP for faceboook application ?</P> <P>Can we find in the firesight analysis ?</P> <P></P> <P>Appreaciate it thank you</P> <P></P> Sun, 10 Mar 2019 13:48:56 GMT https://community.cisco.com/t5/network-security/firesight-report/m-p/3037602#M42976 sahrizal123 2019-03-10T13:48:56Z https://community.cisco.com/t5/network-security/firesight-report/m-p/3037603#M42979 <P>Are you asking who is using facebook so much?</P> <P>For that, as well as the IP addresses used by facebook, you would do a query of your connection events. Open up the time period (default is past hour) and filter the URL field on *.facebook.com. Execute the query and you will see the source IP and destination IP addresses.</P> <P>If you have integrated your internal users' identity via Cisco FirePOWER User Agent or such, you will also get the users' AD name.</P> Mon, 17 Apr 2017 13:56:12 GMT https://community.cisco.com/t5/network-security/firesight-report/m-p/3037603#M42979 Marvin Rhoads 2017-04-17T13:56:12Z