Meta-settings have no effect on Suricata's inspection; they have an
Meta-settings have no effect on Suricata's inspection; they do have an effect on the way Suricata reports events.
effect on the way Suricata reports events.
msg (message)
msg (message)
-------------
-------------
The keyword msg gives more information about the signature and the
The keyword msg gives more information about the signature and the possible alert. The first part shows the class of the signature. It is a convention that part is written in uppercase
possible alert. The first part shows the filename of the
signature. It is a convention that part is written in uppercase
characters.
characters.
The format of msg is:
The format of msg is:
::
::
msg: "some description";
msg: “..........”;
Examples:
Example:
::
::
@ -39,8 +35,7 @@ In this example the red, bold-faced part is the msg.
Sid (signature id)
Sid (signature id)
------------------
------------------
The keyword sid gives every signature its own id. This id is stated
The keyword sid gives every signature its own id. This id is stated with a number.
Victor Julien
9 years ago