Can not save rule file after edit

[HALELUJAH]

Hello,

After we write new rule we can not save it from the manager. we getting this error below.

[Nicolás Edgardo Rocca]

Hi,

We'll need a little more information about the rule you're trying to create and how you're adding It to your manager in order to debug It and fix this problem.

Please share the rule you want to add to double check It has no errors in Its definition. In addition, a couple of question regarding your setup:

• Assuming based on the screenshot you shared that you're using the Dashboard rule editor, are you trying to add this new rule into a new rule file or into an already existing one?
• Were you able to run your rule trough Ruleset Test tool? You can open this tool in the upper right corner of your screen when editing or adding a rules file. It'll let you input a log line to test if It gets decoded properly and if It matches any rules at all, and finally if It'd trigger an alert.