The integrated SNORT system identifies errors one error
at a time. Due to this process flow, you must troubleshoot and fix
each error to successfully apply the SNORT policy.
Errors
SNORT errors occur when the integrated
system detects configuration contents or rules that it identifies
as invalid. In IPS Local Management Interface and in SiteProtector™, the appliance presents
a message that the policy failed to apply if you submit settings with
errors on the
SNORT Configuration or
SNORT
Rules tab. The error message includes information from
SNORT to help fix the issue. For SNORT rule errors, the message lists
the SID and message string. The system reports the policy failure
as a significant event.
Tip: Use a syntax checker on SNORT
rules to help decrease the number of invalid rules.
Troubleshooting
Troubleshooting the integrated
SNORT system is an iterative process because it identifies one error
at a time. When the system detects an error, it fails to apply the
policy settings and reports the failure. You must troubleshoot the
error before you can successfully apply the policy settings. After
you fix the error, you must reapply the settings. If the system finds
no other errors in the configuration contents or in the rules, then
it reapplies the policy settings successfully. However, if the system
finds other errors, it repeats this process for each one.
Note: To
find the health status of the SNORT engine, go to .