1. F5 Distributed Cloud App Infrastructure Protection (AIP) Support
  2. Feature Walkthrough
  3. Rules

Update a Ruleset

You can update a ruleset in F5 Distributed Cloud App Infrastructure Protection (AIP) Rules tab or Alerts tab.

Note

If you are looking to create a ruleset, see Add Ruleset.

Update the Base Rule Set

You can rename the Base Rule Set in the Distributed Cloud AIP CSP.

  1. Navigate to the Rules tab and select the Base Rule Set.


    Select_base_ruleset.png

  2. In the right view pane, the Details screen displays. You can update the following:
    1. The ruleset name
    2. The ruleset description

    Base_ruleset_details.png

  3. After making your updates, click the Update Ruleset button to register your changes.


    Updating_base_ruleset.png

The ruleset is updated and your changes are displayed in the Rules tab.

Updated_base_ruleset.png

Important

Clicking the Delete Ruleset link will permanently remove the updated ruleset from your organization. This ruleset will no longer be available to servers previously assigned to it.

  • We do not recommend deleting the Base Rule Set if it is the only ruleset assigned to your organization.
  • If you unintentionally delete the Base Rule Set or require assistance with re-tuning your ruleset, we recommend contacting aipsupport@f5.com.
Update a Rule through the Rules Tab
  1. Navigate to the Rules tab and select the rule you want to update.


    1.png

  2. In the right view pane, the Details screen displays. You can update the following:
    1. The rule name
    2. The alert title
    3. The alert description
    4. The aggregate fields
    5. The frequency of triggering an alert

    2.png

  3. Click the Update Rule button to register your changes.


    3.png

  4. Click the Filter link to display the rule filter settings. You can also update your deployment and suppression settings.


    4.png

  5. To add a new suppression, click the New Suppression button. For additional information, see Suppress an Alert.


    NewSupBut.png

  6. After making your selections, click the Add New Suppression button to register your changes.


    AddNewSupBut2.png

The ruleset is updated and your changes are displayed in the Rules tab.

6.png

Update a Rule through the Alerts Tab
  1. Navigate to the Alerts tab. Locate the alert associated with the rule you want to update.

    UpdateRuleset1_callouts.png

  2. Click the View/Edit Rule link.

    UpdateRuleset2callouts.png

  3. The Edit Rule dialog displays. Within the Details pane, you can update the following:
    1. The severity of the alert
    2. The rule name
    3. The alert title
    4. The alert description
    5. The aggregate fields
    6. The frequency of triggering an alert

    Note

    In this example, a host rule is being updated.


    9.png

  4. You can also update other settings for deployment, rule filter and suppression by clicking their respective tabs.


    10.png

  5. Select the Suppressions tab. 


    EditHostRule.png

  6. Click the New Suppression button.
  7. To add suppression filter(s), see Suppress an Alert.


    EditHostAddSup.png

  8. After making your selections, click the Add New Suppression button to register your changes.

The ruleset is updated and your changes are displayed in the Distributed Cloud AIP CSP.

Was this article helpful?
0 out of 0 found this helpful

Table of Contents

Related articles