IPS Rules

The IPS Rules tab shows all IPS rules contained in the threat intelligence database of Threat Defender.

The table provides the following information:

Field Description
Enabled The slider switch indicates whether the IPS rule is enabled or disabled (/).
Updated At The time the IPS rule was last updated.
Name The name of the IPS rule.
Tags The number of tags assigned to the IPS rule. By mouseover you can see the tags in a tooltip.

To see further details on an IPS rule, click in the last table column or double-click its row.

IPS Rule Details

The details page displays the name of the IPS rule and the slider switch indicates whether the IPS rule is enabled () or disabled (). The table shows the following details:

Field Description
Sid The signature ID of the IPS rule. It is unique for each rule in the database.
Rev The revision number of the IPS rule.
Created The date and time the IPS rule was created.
Updated The date and time when the IPS rule was last updated in the threat intelligence database.
Tags The tags assigned to the IPS rule in the database.

Under References, you see a list of references that document the IPS rule, if available.

The Most Recent Logs table displays the most recently created log entries for the IPS rule. Click in the last table column of an entry to go its details page.

results matching ""

    No results matching ""