Cisco FirePOWER Appliance 8270

FireSIGHT System User Guide
 
Chapter 32: Understanding and Writing Intrusion Rules
Understanding Keywords and Arguments in Rules

Avoiding Reserved Metadata
License: Protection

Avoid using the following words in a metadata keyword, either as a single argument or as the key in a key value statement; these are reserved for use by the VRT:
  • application
  • engine
  • impact_flag
  • os
  • policy
  • rule-type
  • rule-flushing
  • soid

Note: Contact Support for assistance in adding restricted metadata to local rules that might not otherwise function as expected. See  for more information.

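The reserved-word restriction above can be checked mechanically before local rules are imported. The linter below is an added example, not part of the Cisco guide: it assumes standard Snort option syntax (metadata: arg, arg; where each argument is a single word or a key value statement) and case-insensitive matching, and its function names and sample rules are constructed for illustration.

```python
import re

# Reserved metadata words listed on this page (reserved for use by the VRT).
RESERVED = {"application", "engine", "impact_flag", "os", "policy",
            "rule-type", "rule-flushing", "soid"}

# Assumption: standard Snort option syntax, "metadata: arg[, arg ...];"
METADATA_OPT = re.compile(r"\bmetadata\s*:\s*([^;]*);", re.IGNORECASE)
# Quoted strings (msg, content) are blanked so text inside them is ignored.
QUOTED = re.compile(r'"(?:\\.|[^"\\])*"')

def reserved_metadata(rule):
    """Return the reserved words a rule uses as a metadata argument or key."""
    hits = []
    for body in METADATA_OPT.findall(QUOTED.sub('""', rule)):
        for statement in body.split(","):
            words = statement.split()
            # First word = the single argument, or the key of "key value".
            # Assumption: compare case-insensitively to be conservative.
            if words and words[0].lower() in RESERVED:
                hits.append(words[0])
    return hits

def lint_rules(text):
    """Map line number -> reserved words found; skips comments and blanks."""
    findings = {}
    for lineno, line in enumerate(text.splitlines(), start=1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        hits = reserved_metadata(line)
        if hits:
            findings[lineno] = hits
    return findings

# Constructed sample local rules (not taken from the guide).
SAMPLE_RULES = """\
# local.rules
alert tcp any any -> any 80 (msg:"ok"; content:"a"; metadata:author SnortGuru, service http; sid:1000001;)
alert tcp any any -> any 21 (msg:"bad key"; content:"b"; metadata:policy balanced-ips drop; sid:1000002;)
alert tcp any any -> any 23 (msg:"bad single arg"; content:"c"; metadata:Engine, author SnortGuru; sid:1000003;)
alert tcp any any -> any 25 (msg:"value only"; content:"d"; metadata:author policy; sid:1000004;)
"""

if __name__ == "__main__":
    for lineno, words in lint_rules(SAMPLE_RULES).items():
        print(f"line {lineno}: reserved metadata word(s): {', '.join(words)}")
```

A reserved word used only as a value (the last sample rule) is not flagged, since the restriction covers single arguments and keys.
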
Searching for Rules with Metadata
License: Protection

To search for rules that use the metadata keyword, select the metadata keyword on the rules Search page and, optionally, type any portion of the metadata. For example, you can type:
  • author to display all rules where you have used author for key.
  • author snortguru to display all rules where you have used author for key and SnortGuru for value.

Table 32-21 service Values (continued)

Value          Description
finger         Finger user information protocol
ftp            File Transfer Protocol
ftp-data       File Transfer Protocol (Data Channel)
http           Hypertext Transfer Protocol
imap           Internet Message Access Protocol
isakmp         Internet Security Association and Key Management Protocol
netbios-dgm    NETBIOS Datagram Service
netbios-ns     NETBIOS Name Service
netbios-ssn    NETBIOS Session Service
nntp           Network News Transfer Protocol
oracle         Oracle Net Services
pop2           Post Office Protocol, version 2
pop3           Post Office Protocol, version 3
smtp           Simple Mail Transfer Protocol
ssh            Secure Shell network protocol
telnet         Telnet network protocol
tftp           Trivial File Transfer Protocol
x11            X Window System