Hi,
I didn't find a detector for yum application (package installation software for CentOS). Firepower detect it as 'urlgrabber' application (i see it in firepower logs). I think it's because of UserAgent header for yum.
For my test invoroment it is urlgrabber/3.10 yum/3.4.3.
'urlgrabber' applicattion works in Access Policy but it's not good and i decided to create a custom application detector based on UserAgent header.
I created custom an application detector 'yum-update' and pcap test for it was successful but when i use it in access rules, it doesn't work. In logs i see that firepower still detects the traffic as 'urlgrabber' application...
How to make my app detector work?
p.s. my app detector in the attachment