I need to create my KB because the current is very very old ( 09:59:59 GMT-06:00 Tue Sep 22 2009 ) When I try to save it manually with the command
anomaly-detection vs0 save MYKB I get an error that says: Attack in progress
I need to create a new KB and load it because the Rotate methot is not working since the last KB is very old. I thisk it's not working because there is an attack ALWAYS.
Can I save a load a KB file manually even if there is an attack in progress?
If not, How can I fix my problem
You can fix this by:
- Turn the anomaly detection off (operational-mode inactive)
- Erase/copy/load the files you need and start the anomaly detection or preferably put the sensor in learning accept mode (operational-mode learn) and wait for 24 hours.