Removing Intrusion Detection rules from exclusions

You can remove from exclusions a single Intrusion Detection rule, multiple rules, or all rules at the same time.

To remove an Intrusion Detection rule from exclusions:

1. In the application web interface window, select the Settings → Exclusions section and go to the IDS tab.
2. The list of excluded Intrusion Detection rules is displayed.
3. Select the rule that you want to remove from exclusions.

   This opens a window containing information about the rule.

4. Click Delete.

   This opens the action confirmation window.

5. Click Yes.

The rule is removed from exclusions. This rule is used for creating alerts.

To remove all or multiple IDS rules from exclusions:

1. In the application web interface window, select the Settings → Exclusions section and go to the IDS tab.
2. The list of excluded Intrusion Detection rules is displayed.
3. Select check boxes next to rules that you want to remove from exclusions.

   You can select all rules by selecting the check box in the row containing the headers of columns.

4. In the pane that appears in the lower part of the window, click Delete.

   This opens the action confirmation window.

5. Click Yes.

The selected rules are removed from exclusions. These rules are used for creating alerts.

Users with the Security auditor role cannot remove Intrusion Detection rules from exclusions.

Users with the Security officer role do not have access to the list of exclusions from Intrusion Detection rules.

See also Viewing the table of Intrusion Detection rules added to exclusions Adding an Intrusion Detection rule to exclusions Editing the description of an Intrusion Detection rule added to exclusions

Page top