Snort_AIPreproc/doc/html/struct__AI__snort__alert.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<title>Snort AI preprocessor module: _AI_snort_alert Struct Reference</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<link href="search/search.css" rel="stylesheet" type="text/css"/>
<script type="text/javaScript" src="search/search.js"></script>
<link href="doxygen.css" rel="stylesheet" type="text/css"/>
</head>
<body onload='searchBox.OnSelectItem(0);'>
<!-- Generated by Doxygen 1.7.1 -->
<script type="text/javascript"><!--
var searchBox = new SearchBox("searchBox", "search",false,'Search');
--></script>
<div class="navigation" id="top">
<div class="tabs">
<ul class="tablist">
<li><a href="index.html"><span>Main&nbsp;Page</span></a></li>
<li><a href="modules.html"><span>Modules</span></a></li>
<li class="current"><a href="annotated.html"><span>Data&nbsp;Structures</span></a></li>
<li><a href="files.html"><span>Files</span></a></li>
<li id="searchli">
<div id="MSearchBox" class="MSearchBoxInactive">
<span class="left">
<img id="MSearchSelect" src="search/mag_sel.png"
onmouseover="return searchBox.OnSearchSelectShow()"
onmouseout="return searchBox.OnSearchSelectHide()"
alt=""/>
<input type="text" id="MSearchField" value="Search" accesskey="S"
onfocus="searchBox.OnSearchFieldFocus(true)"
onblur="searchBox.OnSearchFieldFocus(false)"
onkeyup="searchBox.OnSearchFieldChange(event)"/>
</span><span class="right">
<a id="MSearchClose" href="javascript:searchBox.CloseResultsWindow()"><img id="MSearchCloseImg" border="0" src="search/close.png" alt=""/></a>
</span>
</div>
</li>
</ul>
</div>
<div class="tabs2">
<ul class="tablist">
<li><a href="annotated.html"><span>Data&nbsp;Structures</span></a></li>
<li><a href="classes.html"><span>Data&nbsp;Structure&nbsp;Index</span></a></li>
<li><a href="functions.html"><span>Data&nbsp;Fields</span></a></li>
</ul>
</div>
</div>
<div class="header">
<div class="summary">
<a href="#pub-attribs">Data Fields</a> </div>
<div class="headertitle">
<h1>_AI_snort_alert Struct Reference</h1> </div>
</div>
<div class="contents">
<!-- doxytag: class="_AI_snort_alert" -->
<p><code>#include &lt;<a class="el" href="spp__ai_8h_source.html">spp_ai.h</a>&gt;</code></p>
<table class="memberdecls">
<tr><td colspan="2"><h2><a name="pub-attribs"></a>
Data Fields</h2></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">unsigned int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#af8408be5da59cda853442dd13465c0f6">gid</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">unsigned int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a3349aa68d2234f8ffd897367c3a8a137">sid</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">unsigned int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a864d3baa48586d6a31639f4cd27d9d37">rev</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">unsigned short&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a25661fa4e212c5e30af5e6a892985ec9">priority</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">char *&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#ac0902d7c756ec675fb06347ce4706135">desc</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">char *&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#aa89585e14acb2c4e684a1552d322632f">classification</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">time_t&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a10a67f60ca3da339a2104849a0b2ac19">timestamp</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5">uint8_t</a>&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a3f3c47f9baf3229d067504a85873b416">ip_tos</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="spp__ai_8h.html#a273cf69d639a59973b6019625df33e30">uint16_t</a>&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#ad3ffe99036513d5f33b94d22fb84f8f1">ip_len</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="spp__ai_8h.html#a273cf69d639a59973b6019625df33e30">uint16_t</a>&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a2fc673dec85a7b49dd16ac7c0bb1bb78">ip_id</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5">uint8_t</a>&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a3c9bbe84ec696cd58668a45799a66600">ip_ttl</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5">uint8_t</a>&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a5ea7b250ac1c472f3ab57565b6df2536">ip_proto</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62">uint32_t</a>&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a194117c57a52933d16a97838562bb611">ip_src_addr</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62">uint32_t</a>&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a754ca683593c838e4032fa8c13b1512b">ip_dst_addr</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="spp__ai_8h.html#a273cf69d639a59973b6019625df33e30">uint16_t</a>&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a4d4cbdbd9675f4c43545547f55174cb7">tcp_src_port</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="spp__ai_8h.html#a273cf69d639a59973b6019625df33e30">uint16_t</a>&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#aaca31cb67d48ffc3bfd1227686d5f5a4">tcp_dst_port</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62">uint32_t</a>&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#ad6edf59fccea55bf5f940bf36117020b">tcp_seq</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62">uint32_t</a>&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a8aac577224a4325ec50511c6d79b4b79">tcp_ack</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5">uint8_t</a>&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#aa643f11db93b70242b57f0a04775e507">tcp_flags</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="spp__ai_8h.html#a273cf69d639a59973b6019625df33e30">uint16_t</a>&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a1687fccc26bb211591db8b36ffec5348">tcp_window</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="spp__ai_8h.html#a273cf69d639a59973b6019625df33e30">uint16_t</a>&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#ab7e0507050b8e475fea7a4b26c768857">tcp_len</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">struct <a class="el" href="structpkt__info.html">pkt_info</a> *&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a09dfe0a841fd3912ec78060d4547cb31">stream</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">struct <a class="el" href="struct__AI__snort__alert.html">_AI_snort_alert</a> *&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#aa8336d4b3359015ed8ea312ca1fd1173">next</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="struct__hierarchy__node.html">hierarchy_node</a> *&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#ac53765584296ead1328eabfaba8a3aed">h_node</a> [CLUSTER_TYPES]</td></tr>
<tr><td class="memItemLeft" align="right" valign="top">unsigned int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a285aff12d6bac03c316ccc5305d28e53">grouped_alarms_count</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top"><a class="el" href="structAI__hyperalert__info.html">AI_hyperalert_info</a> *&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#ac101de15b4f9451f235b82122f77b62a">hyperalert</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">struct <a class="el" href="struct__AI__snort__alert.html">_AI_snort_alert</a> *&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a55a5488c7ee7706ded4c16b1235fd9c7">previous_correlated</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">struct <a class="el" href="struct__AI__snort__alert.html">_AI_snort_alert</a> **&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#aac5e4078600ed17532db1f3d78165390">derived_alerts</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">unsigned int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="struct__AI__snort__alert.html#a1f2d5e8cfd0e6321b977173d1e90cb68">n_derived_alerts</a></td></tr>
</table>
<hr/><a name="_details"></a><h2>Detailed Description</h2>
<p>Data type for Snort alerts </p>
<hr/><h2>Field Documentation</h2>
<a class="anchor" id="aa89585e14acb2c4e684a1552d322632f"></a><!-- doxytag: member="_AI_snort_alert::classification" ref="aa89585e14acb2c4e684a1552d322632f" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">char* <a class="el" href="struct__AI__snort__alert.html#aa89585e14acb2c4e684a1552d322632f">_AI_snort_alert::classification</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="aac5e4078600ed17532db1f3d78165390"></a><!-- doxytag: member="_AI_snort_alert::derived_alerts" ref="aac5e4078600ed17532db1f3d78165390" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">struct <a class="el" href="struct__AI__snort__alert.html">_AI_snort_alert</a>** <a class="el" href="struct__AI__snort__alert.html#aac5e4078600ed17532db1f3d78165390">_AI_snort_alert::derived_alerts</a></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>Array of the 'derived' alerts that are directly correlated with the current one, if any </p>
</div>
</div>
<a class="anchor" id="ac0902d7c756ec675fb06347ce4706135"></a><!-- doxytag: member="_AI_snort_alert::desc" ref="ac0902d7c756ec675fb06347ce4706135" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">char* <a class="el" href="struct__AI__snort__alert.html#ac0902d7c756ec675fb06347ce4706135">_AI_snort_alert::desc</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="af8408be5da59cda853442dd13465c0f6"></a><!-- doxytag: member="_AI_snort_alert::gid" ref="af8408be5da59cda853442dd13465c0f6" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">unsigned int <a class="el" href="struct__AI__snort__alert.html#af8408be5da59cda853442dd13465c0f6">_AI_snort_alert::gid</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="a285aff12d6bac03c316ccc5305d28e53"></a><!-- doxytag: member="_AI_snort_alert::grouped_alarms_count" ref="a285aff12d6bac03c316ccc5305d28e53" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">unsigned int <a class="el" href="struct__AI__snort__alert.html#a285aff12d6bac03c316ccc5305d28e53">_AI_snort_alert::grouped_alarms_count</a></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>If the clustering algorithm is used, the number of alerts grouped into this single alert </p>
</div>
</div>
<a class="anchor" id="ac53765584296ead1328eabfaba8a3aed"></a><!-- doxytag: member="_AI_snort_alert::h_node" ref="ac53765584296ead1328eabfaba8a3aed" args="[CLUSTER_TYPES]" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="struct__hierarchy__node.html">hierarchy_node</a>* <a class="el" href="struct__AI__snort__alert.html#ac53765584296ead1328eabfaba8a3aed">_AI_snort_alert::h_node</a>[CLUSTER_TYPES]</td>
</tr>
</table>
</div>
<div class="memdoc">
<p>Hierarchies for addresses and ports, if the clustering algorithm is used </p>
</div>
</div>
<a class="anchor" id="ac101de15b4f9451f235b82122f77b62a"></a><!-- doxytag: member="_AI_snort_alert::hyperalert" ref="ac101de15b4f9451f235b82122f77b62a" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="structAI__hyperalert__info.html">AI_hyperalert_info</a>* <a class="el" href="struct__AI__snort__alert.html#ac101de15b4f9451f235b82122f77b62a">_AI_snort_alert::hyperalert</a></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>Hyperalert information, pre-conditions and post-conditions </p>
</div>
</div>
<a class="anchor" id="a754ca683593c838e4032fa8c13b1512b"></a><!-- doxytag: member="_AI_snort_alert::ip_dst_addr" ref="a754ca683593c838e4032fa8c13b1512b" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62">uint32_t</a> <a class="el" href="struct__AI__snort__alert.html#a754ca683593c838e4032fa8c13b1512b">_AI_snort_alert::ip_dst_addr</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="a2fc673dec85a7b49dd16ac7c0bb1bb78"></a><!-- doxytag: member="_AI_snort_alert::ip_id" ref="a2fc673dec85a7b49dd16ac7c0bb1bb78" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="spp__ai_8h.html#a273cf69d639a59973b6019625df33e30">uint16_t</a> <a class="el" href="struct__AI__snort__alert.html#a2fc673dec85a7b49dd16ac7c0bb1bb78">_AI_snort_alert::ip_id</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="ad3ffe99036513d5f33b94d22fb84f8f1"></a><!-- doxytag: member="_AI_snort_alert::ip_len" ref="ad3ffe99036513d5f33b94d22fb84f8f1" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="spp__ai_8h.html#a273cf69d639a59973b6019625df33e30">uint16_t</a> <a class="el" href="struct__AI__snort__alert.html#ad3ffe99036513d5f33b94d22fb84f8f1">_AI_snort_alert::ip_len</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="a5ea7b250ac1c472f3ab57565b6df2536"></a><!-- doxytag: member="_AI_snort_alert::ip_proto" ref="a5ea7b250ac1c472f3ab57565b6df2536" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5">uint8_t</a> <a class="el" href="struct__AI__snort__alert.html#a5ea7b250ac1c472f3ab57565b6df2536">_AI_snort_alert::ip_proto</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="a194117c57a52933d16a97838562bb611"></a><!-- doxytag: member="_AI_snort_alert::ip_src_addr" ref="a194117c57a52933d16a97838562bb611" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62">uint32_t</a> <a class="el" href="struct__AI__snort__alert.html#a194117c57a52933d16a97838562bb611">_AI_snort_alert::ip_src_addr</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="a3f3c47f9baf3229d067504a85873b416"></a><!-- doxytag: member="_AI_snort_alert::ip_tos" ref="a3f3c47f9baf3229d067504a85873b416" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5">uint8_t</a> <a class="el" href="struct__AI__snort__alert.html#a3f3c47f9baf3229d067504a85873b416">_AI_snort_alert::ip_tos</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="a3c9bbe84ec696cd58668a45799a66600"></a><!-- doxytag: member="_AI_snort_alert::ip_ttl" ref="a3c9bbe84ec696cd58668a45799a66600" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5">uint8_t</a> <a class="el" href="struct__AI__snort__alert.html#a3c9bbe84ec696cd58668a45799a66600">_AI_snort_alert::ip_ttl</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="a1f2d5e8cfd0e6321b977173d1e90cb68"></a><!-- doxytag: member="_AI_snort_alert::n_derived_alerts" ref="a1f2d5e8cfd0e6321b977173d1e90cb68" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">unsigned int <a class="el" href="struct__AI__snort__alert.html#a1f2d5e8cfd0e6321b977173d1e90cb68">_AI_snort_alert::n_derived_alerts</a></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>Number of derived alerts (entries in derived_alerts) </p>
</div>
</div>
<a class="anchor" id="aa8336d4b3359015ed8ea312ca1fd1173"></a><!-- doxytag: member="_AI_snort_alert::next" ref="aa8336d4b3359015ed8ea312ca1fd1173" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">struct <a class="el" href="struct__AI__snort__alert.html">_AI_snort_alert</a>* <a class="el" href="struct__AI__snort__alert.html#aa8336d4b3359015ed8ea312ca1fd1173">_AI_snort_alert::next</a></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>Pointer to the next alert in the log, if any </p>
</div>
</div>
<a class="anchor" id="a55a5488c7ee7706ded4c16b1235fd9c7"></a><!-- doxytag: member="_AI_snort_alert::previous_correlated" ref="a55a5488c7ee7706ded4c16b1235fd9c7" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">struct <a class="el" href="struct__AI__snort__alert.html">_AI_snort_alert</a>* <a class="el" href="struct__AI__snort__alert.html#a55a5488c7ee7706ded4c16b1235fd9c7">_AI_snort_alert::previous_correlated</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="a25661fa4e212c5e30af5e6a892985ec9"></a><!-- doxytag: member="_AI_snort_alert::priority" ref="a25661fa4e212c5e30af5e6a892985ec9" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">unsigned short <a class="el" href="struct__AI__snort__alert.html#a25661fa4e212c5e30af5e6a892985ec9">_AI_snort_alert::priority</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="a864d3baa48586d6a31639f4cd27d9d37"></a><!-- doxytag: member="_AI_snort_alert::rev" ref="a864d3baa48586d6a31639f4cd27d9d37" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">unsigned int <a class="el" href="struct__AI__snort__alert.html#a864d3baa48586d6a31639f4cd27d9d37">_AI_snort_alert::rev</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="a3349aa68d2234f8ffd897367c3a8a137"></a><!-- doxytag: member="_AI_snort_alert::sid" ref="a3349aa68d2234f8ffd897367c3a8a137" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">unsigned int <a class="el" href="struct__AI__snort__alert.html#a3349aa68d2234f8ffd897367c3a8a137">_AI_snort_alert::sid</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="a09dfe0a841fd3912ec78060d4547cb31"></a><!-- doxytag: member="_AI_snort_alert::stream" ref="a09dfe0a841fd3912ec78060d4547cb31" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">struct <a class="el" href="structpkt__info.html">pkt_info</a>* <a class="el" href="struct__AI__snort__alert.html#a09dfe0a841fd3912ec78060d4547cb31">_AI_snort_alert::stream</a></td>
</tr>
</table>
</div>
<div class="memdoc">
<p>Reference to the TCP stream associated with the alert, if any </p>
</div>
</div>
<a class="anchor" id="a8aac577224a4325ec50511c6d79b4b79"></a><!-- doxytag: member="_AI_snort_alert::tcp_ack" ref="a8aac577224a4325ec50511c6d79b4b79" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62">uint32_t</a> <a class="el" href="struct__AI__snort__alert.html#a8aac577224a4325ec50511c6d79b4b79">_AI_snort_alert::tcp_ack</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="aaca31cb67d48ffc3bfd1227686d5f5a4"></a><!-- doxytag: member="_AI_snort_alert::tcp_dst_port" ref="aaca31cb67d48ffc3bfd1227686d5f5a4" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="spp__ai_8h.html#a273cf69d639a59973b6019625df33e30">uint16_t</a> <a class="el" href="struct__AI__snort__alert.html#aaca31cb67d48ffc3bfd1227686d5f5a4">_AI_snort_alert::tcp_dst_port</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="aa643f11db93b70242b57f0a04775e507"></a><!-- doxytag: member="_AI_snort_alert::tcp_flags" ref="aa643f11db93b70242b57f0a04775e507" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5">uint8_t</a> <a class="el" href="struct__AI__snort__alert.html#aa643f11db93b70242b57f0a04775e507">_AI_snort_alert::tcp_flags</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="ab7e0507050b8e475fea7a4b26c768857"></a><!-- doxytag: member="_AI_snort_alert::tcp_len" ref="ab7e0507050b8e475fea7a4b26c768857" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="spp__ai_8h.html#a273cf69d639a59973b6019625df33e30">uint16_t</a> <a class="el" href="struct__AI__snort__alert.html#ab7e0507050b8e475fea7a4b26c768857">_AI_snort_alert::tcp_len</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="ad6edf59fccea55bf5f940bf36117020b"></a><!-- doxytag: member="_AI_snort_alert::tcp_seq" ref="ad6edf59fccea55bf5f940bf36117020b" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62">uint32_t</a> <a class="el" href="struct__AI__snort__alert.html#ad6edf59fccea55bf5f940bf36117020b">_AI_snort_alert::tcp_seq</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="a4d4cbdbd9675f4c43545547f55174cb7"></a><!-- doxytag: member="_AI_snort_alert::tcp_src_port" ref="a4d4cbdbd9675f4c43545547f55174cb7" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="spp__ai_8h.html#a273cf69d639a59973b6019625df33e30">uint16_t</a> <a class="el" href="struct__AI__snort__alert.html#a4d4cbdbd9675f4c43545547f55174cb7">_AI_snort_alert::tcp_src_port</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="a1687fccc26bb211591db8b36ffec5348"></a><!-- doxytag: member="_AI_snort_alert::tcp_window" ref="a1687fccc26bb211591db8b36ffec5348" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="spp__ai_8h.html#a273cf69d639a59973b6019625df33e30">uint16_t</a> <a class="el" href="struct__AI__snort__alert.html#a1687fccc26bb211591db8b36ffec5348">_AI_snort_alert::tcp_window</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<a class="anchor" id="a10a67f60ca3da339a2104849a0b2ac19"></a><!-- doxytag: member="_AI_snort_alert::timestamp" ref="a10a67f60ca3da339a2104849a0b2ac19" args="" -->
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">time_t <a class="el" href="struct__AI__snort__alert.html#a10a67f60ca3da339a2104849a0b2ac19">_AI_snort_alert::timestamp</a></td>
</tr>
</table>
</div>
<div class="memdoc">
</div>
</div>
<hr/>The documentation for this struct was generated from the following file:<ul>
<li><a class="el" href="spp__ai_8h_source.html">spp_ai.h</a></li>
</ul>
</div>
<!--- window showing the filter options -->
<div id="MSearchSelectWindow"
onmouseover="return searchBox.OnSearchSelectShow()"
onmouseout="return searchBox.OnSearchSelectHide()"
onkeydown="return searchBox.OnSearchSelectKey(event)">
<a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(0)"><span class="SelectionMark">&nbsp;</span>All</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(1)"><span class="SelectionMark">&nbsp;</span>Data Structures</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(2)"><span class="SelectionMark">&nbsp;</span>Files</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(3)"><span class="SelectionMark">&nbsp;</span>Functions</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(4)"><span class="SelectionMark">&nbsp;</span>Variables</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(5)"><span class="SelectionMark">&nbsp;</span>Typedefs</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(6)"><span class="SelectionMark">&nbsp;</span>Enumerations</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(7)"><span class="SelectionMark">&nbsp;</span>Enumerator</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(8)"><span class="SelectionMark">&nbsp;</span>Defines</a></div>
<!-- iframe showing the search results (closed by default) -->
<div id="MSearchResultsWindow">
<iframe src="" frameborder="0"
name="MSearchResults" id="MSearchResults">
</iframe>
</div>
<hr class="footer"/><address class="footer"><small>Generated on Tue Sep 14 2010 19:23:42 for Snort AI preprocessor module by&nbsp;
<a href="http://www.doxygen.org/index.html">
<img class="footer" src="doxygen.png" alt="doxygen"/></a> 1.7.1 </small></address>
</body>
</html>