[[PageOutline]]

= Parameter Description =
|| Parameter || Description ||
|| $dst_IP || IP address of the attacked host ||
|| $src_IP || Source IP address of the attack ||
|| $alert_name || Alert name ||
|| $sid || Snort alert ID ||
|| $priority || Attack severity: 1~3 (strong~weak) ||
|| $class || Attack classification name ||
|| $src_port || Source port ||
|| $dst_port || Attacked port ||
|| $type || Packet type ||

= [wiki:ExperimentLog1 Experiment 1] =
Format: $dst_IP : $sid
|| Column Family : Column Qualifier || cell value ||
|| '''name''':$alert_name || '''priority=''' $priority '''; class=''' $class ||
|| '''from''':$source || $src_IP : $src_port => $dst_IP : $dst_port ||
|| '''payload''':$type || $type ||

Example:
{{{
#!html
Row Column Cell
105.175.203.246<=402 from:168.150.177.165 168.150.177.165:0 => 105.175.203.246:0
105.175.203.246<=402 name:ICMP Destination Unreachable Port Unreachable priority=3class=Misc activity
105.175.203.246<=402 payload:ICMP ICMP
}}}

 * [wiki:ExperimentLog2 Experiment 2]
 * [wiki:ExperimentLog3 Experiment 3]
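
Added example for the Experiment 1 layout (not part of the original page or its project code): a parser that turns one Snort alert line into the row key and the three column/cell pairs of that table. It assumes the input is Snort's "fast" alert format, which the page does not state; the function names and sample lines are constructed for illustration, and endpoints are assumed to be IPv4.

```python
import re

# Snort "fast" alert line: [**] [gid:sid:rev] name [**] [Classification: ..] [Priority: n] {PROTO} src -> dst
# Assumed input format; the page does not say which Snort output plugin fed the table.
FAST_ALERT = re.compile(
    r"\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<alert_name>.+?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?"
    r"\[Priority:\s*(?P<priority>\d+)\]\s+"
    r"\{(?P<type>[^}]+)\}\s+"
    r"(?P<src>\S+)\s+->\s+(?P<dst>\S+)"
)

# Constructed sample input (timestamps, revisions and the second alert are made up).
SAMPLE = [
    "01/02-03:04:05.678901  [**] [1:402:7] ICMP Destination Unreachable Port Unreachable [**] [Classification: Misc activity] [Priority: 3] {ICMP} 168.150.177.165 -> 105.175.203.246",
    "01/02-03:04:06.000001  [**] [1:1000001:1] Constructed TCP test alert [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.0.2.10:40000 -> 198.51.100.5:80",
    "not an alert line",
]

def split_endpoint(endpoint):
    """Split 'ip:port' into (ip, port). ICMP alerts carry no port, so use 0 as in the page's sample."""
    ip, sep, port = endpoint.rpartition(":")
    return (ip, int(port)) if sep else (endpoint, 0)

def alert_to_cells(line):
    """Return (row_key, {column: cell_value}) for one alert line, or None if it does not parse."""
    m = FAST_ALERT.search(line)
    if m is None:
        return None
    src_ip, src_port = split_endpoint(m["src"])
    dst_ip, dst_port = split_endpoint(m["dst"])
    # Row key follows the stated format "$dst_IP : $sid"; the page's sample output shows "<=" instead.
    row_key = f"{dst_ip}:{m['sid']}"
    cells = {
        f"name:{m['alert_name']}": f"priority={m['priority']}; class={m['cls'] or ''}",
        f"from:{src_ip}": f"{src_ip}:{src_port} => {dst_ip}:{dst_port}",
        f"payload:{m['type']}": m["type"],
    }
    return row_key, cells

if __name__ == "__main__":
    for line in SAMPLE:
        print(alert_to_cells(line))
```
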