"Now what?" is always the tricky question and largely depends on what you had in mind when you set up the LEM/Snort.
For your other questions:
There are no Snort template rules in Build -> Rules so you would need to create rules manually.
LEM alerts you based on rules, so once a rule is configured (email action or otherwise) it will take actions based on the correlations.
There are no Snort rules or best practices really, you can find additional information here:
SNORT - configuration and troubleshooting - SolarWinds Worldwide, LLC. Help and Support
Configure Snort for LEM - SolarWinds Worldwide, LLC. Help and Support
The key will be that events should be coming in (assuming correctly configured) via the Snort IDS ToolAlias and you can search for that in nDepth in the web console.