參數說明

參數	說明
$dst_IP	被攻擊的IP
$src_IP	攻擊來源IP
$alert_name	警訊名稱
$sid	snort警訊編號
$priority	攻擊等級: 1~3 (強~弱)
$class	攻擊分類名稱
$src_port	來源port
$dst_port	被攻擊的port
$type	封包型態

實驗一

格式：

$dst_IP : $sid

Column Family : Column Qulify	cell value
name:$alert_name	priority= $priority ; class= $class
from:$source	$src_IP : $src_port => $dst_IP : $dst_port
payload:$type	$type

範例：

Row	Column	Cell
105.175.203.246<=402	from:168.150.177.165	168.150.177.165:0 => 105.175.203.246:0
105.175.203.246<=402	name:ICMP Destination Unreachable Port Unreachable	priority=3class=Misc activity
105.175.203.246<=402	payload:ICMP	ICMP

實驗二?

實驗三

98 row(s) in set. (0.30 sec)

格式：

$dst_IP : $sid

Column Family : Column Qulify	cell value
name:$alert_name	priority= $priority ; class= $class
from:$source	$src_IP : $src_port => $dst_IP : $dst_port
payload:$type	$type

範例：

Row	Column	Cell
105.175.203.246	direction:dstport	0
105.175.203.246	direction:soure	168.150.177.165
105.175.203.246	direction:srcport	0
105.175.203.246	id:gid	1
105.175.203.246	id:priority	3
105.175.203.246	id:sid	402
105.175.203.246	id:version	7
105.175.203.246	name:class	Misc activity
105.175.203.246	name:name	ICMP Destination Unreachable Port Unreachable
105.175.203.246	payload:type	ICMP