if you enable Inspect all content V19 EAP1 in the Advanced threat protection, the interface does not work and write a error ,,take longer than normal" and after reloading it was saved.
I've had this message on a virtual XG running v19 EAP1 aswell. Let's be honest though, it's more like a informational message, not an error. In the previous versions we have been able to trace this back to snort taking too long to reload. The message never resulted in an actual error, though. At some point snort was always up and running. Unfortunately I am unable to verify this, since Advanced Shell has been disabled. What it means nonetheless, is that snort startup is worse than in v18, so that should be investigated!
ATP is not snort. It is not related. ATP is another kind of service with deeper hooks in the system causing some time to load.
ATP causes snort to reload, which is a fact. You can verify that by simply re-enabling ATP and check ips log. Snort will re-initialize and call ATP. Also, how does your response help in any way with the issue at hand?
Yes, it reloads snort. But it does a lot more than just do a reloading. It will inject different modules.
And this behavior seems not to change since V18.0 (implementing of Fastpath / DPI engine). As far as i know, there was no change in this loading.