Content Library TabContent Library Tab

The (CONFIGURE) > Policies view contains two tabs: Configuration and Content.

The CONTENT tab has Content Library, Policies and Groups on the left panel.

Below is an example of the Content > Content Library tab:

Toolbar

Create Rule - Lets you create a rule.
Clone Rue - Lets you clone an application rule or network rule. For more information, see Clone Application Rule or Clone Network Rule.
Delete - Lets you delete an application rule or network rule. For more information, see Delete Application Rule or Delete Network Rule.
Import - Lets you import an application rule or network rule. For more information, see Import Content to Content Library.

Rule List Pane

You can also sort on any column. If you mouse over a column header, a sort icon is displayed: . Click the icon to sort by the selected column.

Create New Rule dialog:

Below is an example of the Create new rule dialog:

The table describes the information and options in the Create New Rule dialog:

Field	Description
Rule Name	Name of the new rule. The name should be unique.
Condition	Condition for the new rule. You can apply two types of conditions for the rule. Normal mode: It gives suggestions for supported metas (ip, host and so on) and operators (“=”, “Not Equal To”, “Contains”, “Exists” and so on). The entered condition will be enclosed in a ‘Pill’. When you enter multiple conditions, the conditions are automatically joined by an ‘AND’ operator. On clicking the ‘AND’ operator, you can toggle between ‘AND’ and ‘OR’ operators. Advanced: You can customize the conditions as a free form text.
Medium	Medium through which the rule is created. For a network rule, the value of medium is selected as Packet as default and the user cannot edit it.
Session Data	Session data for the new rule. Indicates if the rule processing should stop, keep, filter or truncate when the session data is running.
Session Options	Session options for the new rule. Indicates if the session options should be alert, forward or transient.
Alert On	Conditions for which the alert should be turned on.
Save	Saves the settings and closes the Create New Rule dialog.
Cancel	Cancels the operations.

Clone Rule dialog:

Below is an example of the Clone rule dialog.

The table describes the information and options in the Clone Rule dialog:

Field	Description
Enter Name for Cloned Rule	Name of the cloned rule. The name should be unique.
Clone	Clones the rule and closes the Cone Rule dialog.
Cancel	Cancels the operation.

NetWitness Community