My Community Dashboard

  • The useful logs are in /var/log/snort/syslog. This app is not the most intuitive and GPL rules are enabled in Webconfig > Gateway > Intrusion Prevention > Intrusion Detection System and the IDS updates in Webconfig > Cloud > Updates > IDS Signatures. Note the IDS is quite processor intensive and it is best to only enable rules where you have services which are exposed to the internet.

    I don't get any response from your test sites but I have a limited number of rules enabled. I do get responses to other rules.