A good starting place is:
http://www.cisco.com/en/US/products/hw/vpndevc/index.html#products
Look for the Network Intrusion Detection section to see the different product sections.
FYI: Many of these IDS product sections are just different representations of the same information and many contain links to the same underlying documents.
What I generally point users to is the Universal Documentation CD if they ask about User guides. All of the documentation on the CD is also available online. These same docs are in the product sections from above, but are organized in a simpler manner by product version on the CD.
Link to the online doc CD for the IDS documentation:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/index.htm
For the few specific questions you asked:
details on signatures, adding/making changes in signatures:
The first place to look is the NSDB. It is available on the sensor itself through a link in the top right corner of IDM. It provides information about each signature.
The same information is also available on Cisco's web site:
http://www.cisco.com/cgi-bin/front.x/csec/idsHome.pl
To see what parameters make up the actual signature I recommend viewing them through IDM:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids10/idmiev/swchap3.htm#wp31460
Once you see what parameters make up the signature you can find out more about what each parameter means in the IDM documentation:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids10/idmiev/swappa.htm
For threat response:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/threat/ctr20/index.htm
