You can remove from exclusions a single Intrusion Detection rule, multiple rules, or all rules at the same time.
To remove an Intrusion Detection rule from exclusions:
This opens a window containing information about the rule.
This opens the action confirmation window.
The rule is removed from exclusions. This rule is used for creating alerts.
To remove all or multiple IDS rules from exclusions:
You can select all rules by selecting the check box in the row containing the headers of columns.
This opens the action confirmation window.
The selected rules are removed from exclusions. These rules are used for creating alerts.
Users with the Security auditor role cannot remove Intrusion Detection rules from exclusions.
Users with the Security officer role do not have access to the list of exclusions from Intrusion Detection rules.