Adding Intrusion Rule Comments
You can add comments to rules in your intrusion policy. Comments added this way are policy-specific; that is, comments you add to a rule in one intrusion policy are not visible in other intrusion policies. Any comments you add can be seen in the Rule Details view on the Rules page for the intrusion policy.
After you commit the intrusion policy changes containing the comment, you can also view the comment by clicking Rule Comment on the rule Edit page.
Procedure
Step 1 | Choose . | ||
Step 2 | Click Snort 2 Version next to the policy you want to edit. If View () appears instead, the configuration belongs to an ancestor domain, or you do not have permission to modify the configuration. | ||
Step 3 | Click Rules immediately under Policy Information in the navigation panel. | ||
Step 4 | Choose the rule or rules where you want to add a comment. | ||
Step 5 | Choose . | ||
Step 6 | In the Comment field, enter the rule comment. | ||
Step 7 | Click OK.
| ||
Step 8 | Optionally, delete a rule comment by clicking Delete next to the comment. You can only delete a comment if the comment is cached with uncommitted intrusion policy changes. After intrusion policy changes are committed, the rule comment is permanent. | ||
Step 9 | To save changes you made in this policy since the last policy commit, click Policy Information, then click Commit Changes. If you leave the policy without committing changes, changes since the last commit are discarded if you edit a different policy. |
What to do next
-
Deploy configuration changes.