Show snort rule that matches an alert
Status: Beta
Brought to you by:
danyliw
It would help to know the snort rule that triggered the
alert, at the very least showing it's number to be
search in the configured rules.
The best thing would be to show the rule along with the
logged packet.
Most people have a bunch of rules installed that they
didn't write and it could help to determine if
something is important or not.