Configuring Network Discovery Rules

You can configure discovery rules to tailor the discovery of host and application data to your needs.

Before you begin

Make sure you are logging connections for the traffic where you want to discover network data; see Best Practices for Connection Logging.
If you want to collect exported NetFlow records, add a NetFlow Exporter as described in Adding NetFlow Exporters to a Network Discovery Policy.
If you will want to view discovery performance graphs, you must enable hosts, users, and applications in your discovery rule. Note that this may impact system performance.

Tip	In most cases, Cisco suggests restricting discovery to the addresses in RFC 1918.

Step 1	Choose Policies > Network Discovery. In a multidomain deployment, if you are not in a leaf domain, the system prompts you to switch.
Step 2	Click Add Rule.
Step 3	Set the Action for the rule as described in Actions and Discovered Assets.
Step 4	Set optional discovery parameters: Restrict the rule action to specific networks; see Restricting the Monitored Network. Restrict the rule action to traffic in specific zones; see Configuring Zones in Network Discovery Rules. Exclude ports from monitoring; see Excluding Ports in Network Discovery Rules. Configure the rule for NetFlow data discovery; see Configuring Rules for NetFlow Data Discovery.
Step 5	Click Save.