1 | | * [wiki:ExperimentLog1 實驗一] |
| 1 | [[PageOutline]] |
| 2 | |
| 3 | || 參數 || 說明 || |
| 4 | || $dst_IP || 被攻擊的IP || |
| 5 | || $src_IP || 攻擊來源IP || |
| 6 | || $alert_name || 警訊名稱 || |
| 7 | || $sid || snort警訊編號 || |
| 8 | || $priority || 攻擊等級: 1~3 (強~弱) || |
| 9 | || $class || 攻擊分類名稱 || |
| 10 | || $src_port || 來源port || |
| 11 | || $dst_port || 被攻擊的port || |
| 12 | || $type || 封包型態 || |
| 13 | |
| 14 | = [wiki:ExperimentLog1 實驗一] = |
| 15 | |
| 16 | 格式: |
| 17 | $dst_IP : $sid |
| 18 | || ColumnFamily : ColumnQulify || cell value || |
| 19 | || '''name''':$alert_name || priority=$priority;class=$class || |
| 20 | || '''from''':$source || $src_IP : $src_port => $dst_IP : $dst_port || |
| 21 | || '''payload''':$type || $type || |
| 22 | |