cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1308
Views
0
Helpful
2
Replies

Adding snort rules via cli

sanjay.k.patel
Level 1
Level 1

is it possible to add local rules via cli instead of the web interface? We want to add rules based on internal research. In snort we could ssh in and add local rules. Can you still do that with FirePOWER?

thank you

SKP

2 Replies 2

Oliver Kaiser
Level 7
Level 7

I am sure you will find a way to do it by CLI but it is not supported. Your configuration might be overwritten by the UI configuration. Using FMC Webinterface for adding snort rules is the only supported option.

Mark as helpful if this answers your question.

What about the ability to export local rules?  Over time, an exorbitant amount of local rules can accumulate, and I have had multiple inquiries as to how to export them so they can be audited.  Would appreciate any recommendations on how to accomplish this.  The Policy report only provides the SID and Message fields, not the rule syntax.

Review Cisco Networking for a $25 gift card