Error: Log Inspection Rules Require Log Files
If a log inspection rule requires you to add the location of the files to be monitored, of if you add an unnecessary log inspection rule and the files do not exist on your machine, the following error will occur in the ComputerTo open the Computer editor, go to the Computers page and double-click the computer that you want to edit (or select the computer and click Details). or Policy editorTo open the Policy editor, go to the Policies page and double-click the policy that you want to edit (or select the policy and click Details).:
To resolve the error:
- Click on the Log Inspection Rules Require Log Files error. A window will open with more information about the error. Under Description, the name of the rule causing the error will be listed.
- In the Deep Security Manager, go to Policies > Common Objects > Rules > Log Inspection Rules and locate the rule that is causing the error.
- Double-click the rule. The rule's properties window will appear.
- Go to the Configuration tab.
If the file's location is required:
- Enter the location under Log Files to monitor and click Add.
- Click OK. Once the agent receives the policy, the error will clear.
If the files listed do not exist on the protected machine:
- Go to the ComputerTo open the Computer editor, go to the Computers page and double-click the computer that you want to edit (or select the computer and click Details). or Policy editorTo open the Policy editor, go to the Policies page and double-click the policy that you want to edit (or select the policy and click Details). > Log Inspection.
- Click Assign/Unassign.
- Locate the unnecessary rule and uncheck the checkbox.
- Click OK. Once the agent receives the policy, the error will clear.
To prevent this error, run a recommendation scan for suggested rules:
- On the Deep Security Manager, go to Computers.
- Right-click the computer you'd like to scan and click Actions > Scan for Recommendations.
- View the results on the General tab of the protection module in the ComputerTo open the Computer editor, go to the Computers page and double-click the computer that you want to edit (or select the computer and click Details). or Policy editorTo open the Policy editor, go to the Policies page and double-click the policy that you want to edit (or select the policy and click Details)..