Cisco Cisco Firepower Management Center 4000

Admin/Intrusion Admin

Select 

.

The Intrusion Policy page appears.

Click the edit icon (

) next to the policy you want to edit.

If you have unsaved changes in another policy, click 

 to discard those changes and continue. See 

 for information on saving unsaved changes in another 

policy.

The Policy Information page appears.

Click 

.

The Rules page appears.

Locate the rule or rules where you want to set SNMP alerts. You have the following options:

To sort the current display, click on a column heading or icon. To reverse the sort, click again.

Construct a filter by clicking on keywords or arguments in the filter panel on the left. For more 
information, see the following topics: 

.

The page refreshes to display all matching rules.

Select the rule or rules where you want to set SNMP alerts: 

To select a specific rule, select the check box next to the rule.

To select all the rules in the current list, select the check box at the top of the column.

Select 

. 

The system adds the alert and displays an alert icon (

) next to the rule in the Alerting column. If you 

add multiple alert types to a rule, a number over the icon indicates the number of alert types.

To remove an SNMP alert from a rule, click the check box next to the rule and select 

.

Save your policy, continue editing, discard your changes, or exit while leaving your changes in the 
system cache. See the 

 table for more information.

Protection

You can add comments to a rule. Any comments you add can be seen in the Rule Details view on the 
Rules page. 

After you commit the intrusion policy changes containing the comment, you can also view the comment 
by clicking 

 on the rule Edit page. For more information on editing rules, see