Is there a way to show just the modifications / tuning changes made to a default downloaded signature set?
Background - I've downloaded a signature set, tuned a specific signature-id to a deny event-action, and from what I understand changes are recorded in a sigdef-delta.xml file.
What I'm hoping to be able to do is issue a command that allows us just to identify the detlas in order to avoid a bunch of documentation.
Any help?