Channel: THWACK: Message List - Security Event Manager (SEM) - Formerly Log & Event Manager

Re: Issue - Rule Creation Logic vs nDepth Logic


Ok thank you, I think that answers the question.  It is unfortunate that we can't perform manual searches against our historical data in LEM for the purpose of testing correlation rules.  Is this a feature that may be added at some point? Where can I submit a feature request?

 

Also, the primary logic in the rule is "Any Alert.ExtraneousInfo = *subtype=ips*" - the rest of the rule consists of negating events that I do not want to see trigger the rule.

