#3 Show snort rule that matches an alert

[Anonymous]

It would help to know the snort rule that triggered the
alert, at the very least showing it's number to be
search in the configured rules.

The best thing would be to show the rule along with the
logged packet.

Most people have a bunch of rules installed that they
didn't write and it could help to determine if
something is important or not.