Intrusion Rule Categories

The system places rules in categories based on the type of traffic the rule detects. On the Rules page, you can filter by rule category, which lets you set a rule attribute for all rules in a category at once. For example, if you do not have Linux hosts on your network, you could filter by the os-linux category, then disable all the rules shown, which disables the entire os-linux category.

You can hover your pointer over a category name to display the number of rules in that category.

Note

The Talos Intelligence Group may use the rule update mechanism to add and remove rule categories.