Configuring OpenSignatures

The Network IPS appliance supports OpenSignatures, which are customized, pattern-matching signatures written with a flexible rules language.

About this task

In order for OpenSignatures to work, you must enable the OpenSignature parser. For information about how to enable the OpenSignature parser and other OpenSignature tuning parameters, see OpenSignature tuning parameters.

Attention: IBM® Support is not available to help write or troubleshoot custom rules. If you need assistance with creating custom signatures, contact IBM Professional Services.
These rules detect specific threats that are not preemptively covered in Network IPS products. This feature is integrated with the IBM Protocol Analysis Module (PAM) as a rule interpreter.
Important: OpenSignatures require the content keyword to function properly. If the OpenSignature rule is improperly formatted, you might receive a PAM configuration error response.