What does this mean in a Suricata rule alert?
I installed and configured Suricata to give errors. It gave me an error like
Jan 13 11:22:18 201612317 01/13/2017-11:22:18.308560 [ ] [1:2001219:20] ET SCAN Potential SSH Scan [ ] [Classification: Attempted Information Leak] [Priority: 2] {TCP}
I wanted to know what this [1:2001219:20] means in this rule.
I found the answer. It is:
1 is the classtype
2001219 is the alert id
20 is the revision
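
A small parser for this alert format, added here as an example and not part of the original post. The field names gid, sid and rev follow Suricata's rule keywords (generator ID, signature ID, revision); the function names and the second and third sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Alert portion of a Suricata fast.log line. The bracketed marker is "**" in
# Suricata's output; it appears blank on this page, so both are accepted.
# re.search() is used so a syslog prefix before the timestamp is skipped.
FAST_RE = re.compile(
    r"(?P<ts>\d{2}/\d{2}/\d{4}-\d{2}:\d{2}:\d{2}\.\d+)\s+"
    r"\[[* ]*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[[* ]*\]\s+"
    r"\[Classification:\s*(?P<classification>[^\]]*)\]\s+"
    r"\[Priority:\s*(?P<priority>\d+)\]\s+"
    r"\{(?P<proto>[^}]+)\}"
    r"(?:\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+))?"  # absent if the line is cut off
)

def parse_alert(line):
    """Return the alert fields as a dict, or None if the line is not an alert."""
    m = FAST_RE.search(line)
    if m is None:
        return None
    alert = m.groupdict()
    for key in ("gid", "sid", "rev", "priority"):
        alert[key] = int(alert[key])
    return alert

def count_by_signature(lines):
    """Count alerts per (gid, sid), ignoring lines that do not parse."""
    counts = Counter()
    for line in lines:
        alert = parse_alert(line)
        if alert:
            counts[(alert["gid"], alert["sid"])] += 1
    return counts

# Line 1 is the alert quoted in the question (cut off after the protocol).
# Lines 2 and 3 are constructed; the addresses are documentation ranges.
SAMPLE = [
    "Jan 13 11:22:18 201612317 01/13/2017-11:22:18.308560 [ ] [1:2001219:20] ET SCAN Potential SSH Scan [ ] [Classification: Attempted Information Leak] [Priority: 2] {TCP}",
    "01/13/2017-11:22:19.001234  [**] [1:2001219:20] ET SCAN Potential SSH Scan [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.0.2.10:51234 -> 198.51.100.7:22",
    "Jan 13 11:22:20 201612317 sshd[812]: Connection closed by 192.0.2.10",
]

if __name__ == "__main__":
    for sample_line in SAMPLE:
        print(parse_alert(sample_line))
    print(count_by_signature(SAMPLE))
```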