This topic describes the steps to create an application rule.
To create a new Application Rule
Go to (CONFIGURE) > Policies.
In the policies panel, click Content.
In the left panel, click Content Library.
The available rules are displayed.
In the application rule panel, click + Create Rule to add an application rule.
In the New Create Rule panel, do the following:
Enter a unique rule name. If the name of that application rule is the same as an existing rule, an error message is displayed.
Enter the rule value. This is the value written to the alert meta. While creating a new rule, the rule value is defaulted with the rule name. However, you can modify the same.
Note: This field is applicable only for 12.1.1 version.
Enter the condition for the rule. You can apply two types of conditions for the rule.
It gives suggestions for supported metas (ip, host and so on) and operators (“=”, “Not Equal To”, “Contains”, “Exists” and so on).
The entered condition will be enclosed in a ‘Pill’. When you enter multiple conditions, the conditions are automatically joined by an ‘AND’ operator. On clicking the ‘AND’ operator, you can toggle between ‘AND’ and ‘OR’ operators.
Advanced: You can customize the conditions as a free form text.
Select the medium to be applied for the rule.
Enter the description for the rule.
Select the session data to be applied for the rule.
Select the session options to be applied for the rule.
Enter the meta value for the alert on. This is a mandatory field.