Snort mailing list archives

SNORT rule with sid:0 - KEMP


From: "Wojcicki, Michal via Snort-sigs" <snort-sigs () lists snort org>
Date: Wed, 8 Dec 2021 10:26:53 +0000

Dear Community,
I am using a KEMP load balancer with SNORT rules applied - now only for gathering logs to adjust false-positives.

Since I applied the rule it detects lots of output of type (I changed path here - just to give example):
/pathchanged/123456/13_DECCC/aaa/test/somefile.aspx' - Invalid URL specification (sid:0 rev:0)

Those paths and files are valid and exist.
I see that different .aspx destinations are caught by logs and this rule (sid:0 rev:0).

However I cannot find its definition in community.rules - I guess sid:0 is some sort of "default" rule. I also could 
not find any information about sid:0. Therefore I cannot do anything, or I am missing some knowledge.

Can you please tell me more about sid:0 rule? How can I exclude some things from checking (not only .aspx files, I see 
different entries caught by sid:0 rule) - as all those files are valid and I cannot see this rule definition. I want 
some rule to bypass that.

The community rules that I use in KEMP are: https://www.snort.org/downloads -> Snort v2.9.

Best Regards
Michal