You can load sets of Intrusion Detection rules from files into the application. Files containing descriptions of Intrusion Detection rules must be in the same folder and have the rules extension before you can load them into the application. The names of the files must not contain the following characters: \ / : * ? , " < > |
.
After loading Intrusion Detection rules from a file, the rules are saved in the application as a user-defined rule set. The name of a rule set matches the name of the file from which this rule set was loaded.
When sets of rules are loaded from files, the current user-defined rule sets are deleted from the table and replaced with the new ones. However, system sets of rules (whose Origin column shows the System value) are not deleted from the table.
Only users with the Administrator role can load user-defined sets of Intrusion Detection rules.
To load and replace user-defined sets of Intrusion Detection rules:
The table containing sets of rules displays the new user-defined sets of rules. For these sets of rules, the Origin column will show the User value. All sets of rules that have no detected errors will be enabled.
Information about detected errors is displayed in the Rules column. The OK status is displayed if there are no errors. If the set of rules contains errors, you can view detailed information about them by clicking the Details link.