Adding Comments to Rules in Policies and Rulesets

You can add comments to rules in FDM-managed device policies and rules in rulesets to document some characteristic of a rule. Rule comments are only visible on Cisco Defense Orchestrator (CDO); they are never written to the FDM-managed device, nor are they visible in FDM.

Comments are added to rules after they are created and saved in CDO. As rule comments are only a feature of CDO, creating, changing, or deleting a rule comment does not change the configuration status of the device in CDO to "Not Synced". You will not need to write changes from CDO to the FDM-managed device to save a rule comment.

Comments associated with rules in an FDM-managed device policy can be viewed and edited on the device's policy page. Comments associated with rules in an FDM-managed device ruleset can be viewed and edited on the rulesets page. When a ruleset is used in a policy, any comments associated with any of the rules in the ruleset are displayed in the comments area of the policy. In the policy, those ruleset comments are read-only.

When you search for a string in policies, rulesets, or the change log, CDO will search the comments associated with a rule for that string along with the other attributes and values of a rule.

When a comment for a rule is added or edited, that action is recorded in the change log. Because rule comments are only recorded and maintained in CDO, they are labeled (CDO-only change) in the change log.

Caution

If there is an out-of-band change to an FDM-managed device's configuration and CDO reads that configuration into its database, the comments associated with any rules will be wiped out.