<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
< html xmlns = "http://www.w3.org/1999/xhtml" >
< head >
< meta http-equiv = "Content-Type" content = "text/xhtml;charset=UTF-8" / >
< title > Snort AI preprocessor module: _AI_snort_alert Struct Reference< / title >
< link href = "tabs.css" rel = "stylesheet" type = "text/css" / >
< link href = "search/search.css" rel = "stylesheet" type = "text/css" / >
< script type = "text/javaScript" src = "search/search.js" > < / script >
< link href = "doxygen.css" rel = "stylesheet" type = "text/css" / >
< / head >
< body onload = 'searchBox.OnSelectItem(0);' >
<!-- Generated by Doxygen 1.7.1 -->
< script type = "text/javascript" > < ! - -
var searchBox = new SearchBox("searchBox", "search",false,'Search');
-->< / script >
< div class = "navigation" id = "top" >
< div class = "tabs" >
< ul class = "tablist" >
< li > < a href = "index.html" > < span > Main Page< / span > < / a > < / li >
< li > < a href = "modules.html" > < span > Modules< / span > < / a > < / li >
< li class = "current" > < a href = "annotated.html" > < span > Data Structures< / span > < / a > < / li >
< li > < a href = "files.html" > < span > Files< / span > < / a > < / li >
< li id = "searchli" >
< div id = "MSearchBox" class = "MSearchBoxInactive" >
< span class = "left" >
< img id = "MSearchSelect" src = "search/mag_sel.png"
onmouseover="return searchBox.OnSearchSelectShow()"
onmouseout="return searchBox.OnSearchSelectHide()"
alt=""/>
< input type = "text" id = "MSearchField" value = "Search" accesskey = "S"
onfocus="searchBox.OnSearchFieldFocus(true)"
onblur="searchBox.OnSearchFieldFocus(false)"
onkeyup="searchBox.OnSearchFieldChange(event)"/>
< / span > < span class = "right" >
< a id = "MSearchClose" href = "javascript:searchBox.CloseResultsWindow()" > < img id = "MSearchCloseImg" border = "0" src = "search/close.png" alt = "" / > < / a >
< / span >
< / div >
< / li >
< / ul >
< / div >
< div class = "tabs2" >
< ul class = "tablist" >
< li > < a href = "annotated.html" > < span > Data Structures< / span > < / a > < / li >
< li > < a href = "classes.html" > < span > Data Structure Index< / span > < / a > < / li >
< li > < a href = "functions.html" > < span > Data Fields< / span > < / a > < / li >
< / ul >
< / div >
< / div >
< div class = "header" >
< div class = "summary" >
< a href = "#pub-attribs" > Data Fields< / a > < / div >
< div class = "headertitle" >
< h1 > _AI_snort_alert Struct Reference< / h1 > < / div >
< / div >
< div class = "contents" >
<!-- doxytag: class="_AI_snort_alert" -->
< p > < code > #include < < a class = "el" href = "spp__ai_8h_source.html" > spp_ai.h< / a > > < / code > < / p >
< table class = "memberdecls" >
< tr > < td colspan = "2" > < h2 > < a name = "pub-attribs" > < / a >
Data Fields< / h2 > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > unsigned int < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#af8408be5da59cda853442dd13465c0f6" > gid< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > unsigned int < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a3349aa68d2234f8ffd897367c3a8a137" > sid< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > unsigned int < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a864d3baa48586d6a31639f4cd27d9d37" > rev< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > unsigned short < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a25661fa4e212c5e30af5e6a892985ec9" > priority< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > char * < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#ac0902d7c756ec675fb06347ce4706135" > desc< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > char * < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#aa89585e14acb2c4e684a1552d322632f" > classification< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > time_t < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a10a67f60ca3da339a2104849a0b2ac19" > timestamp< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5" > uint8_t< / a > < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a3f3c47f9baf3229d067504a85873b416" > ip_tos< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "spp__ai_8h.html#a273cf69d639a59973b6019625df33e30" > uint16_t< / a > < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#ad3ffe99036513d5f33b94d22fb84f8f1" > ip_len< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "spp__ai_8h.html#a273cf69d639a59973b6019625df33e30" > uint16_t< / a > < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a2fc673dec85a7b49dd16ac7c0bb1bb78" > ip_id< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5" > uint8_t< / a > < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a3c9bbe84ec696cd58668a45799a66600" > ip_ttl< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5" > uint8_t< / a > < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a5ea7b250ac1c472f3ab57565b6df2536" > ip_proto< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62" > uint32_t< / a > < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a194117c57a52933d16a97838562bb611" > ip_src_addr< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62" > uint32_t< / a > < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a754ca683593c838e4032fa8c13b1512b" > ip_dst_addr< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "spp__ai_8h.html#a273cf69d639a59973b6019625df33e30" > uint16_t< / a > < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a4d4cbdbd9675f4c43545547f55174cb7" > tcp_src_port< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "spp__ai_8h.html#a273cf69d639a59973b6019625df33e30" > uint16_t< / a > < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#aaca31cb67d48ffc3bfd1227686d5f5a4" > tcp_dst_port< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62" > uint32_t< / a > < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#ad6edf59fccea55bf5f940bf36117020b" > tcp_seq< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62" > uint32_t< / a > < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a8aac577224a4325ec50511c6d79b4b79" > tcp_ack< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5" > uint8_t< / a > < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#aa643f11db93b70242b57f0a04775e507" > tcp_flags< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "spp__ai_8h.html#a273cf69d639a59973b6019625df33e30" > uint16_t< / a > < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a1687fccc26bb211591db8b36ffec5348" > tcp_window< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "spp__ai_8h.html#a273cf69d639a59973b6019625df33e30" > uint16_t< / a > < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#ab7e0507050b8e475fea7a4b26c768857" > tcp_len< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > struct < a class = "el" href = "structpkt__info.html" > pkt_info< / a > * < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a09dfe0a841fd3912ec78060d4547cb31" > stream< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > struct < a class = "el" href = "struct__AI__snort__alert.html" > _AI_snort_alert< / a > * < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#aa8336d4b3359015ed8ea312ca1fd1173" > next< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "struct__hierarchy__node.html" > hierarchy_node< / a > * < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#ac53765584296ead1328eabfaba8a3aed" > h_node< / a > [CLUSTER_TYPES]< / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > unsigned int < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a285aff12d6bac03c316ccc5305d28e53" > grouped_alarms_count< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > < a class = "el" href = "structAI__hyperalert__info.html" > AI_hyperalert_info< / a > * < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#ac101de15b4f9451f235b82122f77b62a" > hyperalert< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > struct < a class = "el" href = "struct__AI__snort__alert.html" > _AI_snort_alert< / a > * < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a55a5488c7ee7706ded4c16b1235fd9c7" > previous_correlated< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > struct < a class = "el" href = "struct__AI__snort__alert.html" > _AI_snort_alert< / a > ** < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#aac5e4078600ed17532db1f3d78165390" > derived_alerts< / a > < / td > < / tr >
< tr > < td class = "memItemLeft" align = "right" valign = "top" > unsigned int < / td > < td class = "memItemRight" valign = "bottom" > < a class = "el" href = "struct__AI__snort__alert.html#a1f2d5e8cfd0e6321b977173d1e90cb68" > n_derived_alerts< / a > < / td > < / tr >
< / table >
< hr / > < a name = "_details" > < / a > < h2 > Detailed Description< / h2 >
< p > Data type for Snort alerts < / p >
< hr / > < h2 > Field Documentation< / h2 >
< a class = "anchor" id = "aa89585e14acb2c4e684a1552d322632f" > < / a > <!-- doxytag: member="_AI_snort_alert::classification" ref="aa89585e14acb2c4e684a1552d322632f" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > char* < a class = "el" href = "struct__AI__snort__alert.html#aa89585e14acb2c4e684a1552d322632f" > _AI_snort_alert::classification< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "aac5e4078600ed17532db1f3d78165390" > < / a > <!-- doxytag: member="_AI_snort_alert::derived_alerts" ref="aac5e4078600ed17532db1f3d78165390" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > struct < a class = "el" href = "struct__AI__snort__alert.html" > _AI_snort_alert< / a > ** < a class = "el" href = "struct__AI__snort__alert.html#aac5e4078600ed17532db1f3d78165390" > _AI_snort_alert::derived_alerts< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< p > Array of the 'derived' alerts directly correlated from the current one, if any; its length is expected to be given by n_derived_alerts < / p >
< / div >
< / div >
< a class = "anchor" id = "ac0902d7c756ec675fb06347ce4706135" > < / a > <!-- doxytag: member="_AI_snort_alert::desc" ref="ac0902d7c756ec675fb06347ce4706135" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > char* < a class = "el" href = "struct__AI__snort__alert.html#ac0902d7c756ec675fb06347ce4706135" > _AI_snort_alert::desc< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "af8408be5da59cda853442dd13465c0f6" > < / a > <!-- doxytag: member="_AI_snort_alert::gid" ref="af8408be5da59cda853442dd13465c0f6" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > unsigned int < a class = "el" href = "struct__AI__snort__alert.html#af8408be5da59cda853442dd13465c0f6" > _AI_snort_alert::gid< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "a285aff12d6bac03c316ccc5305d28e53" > < / a > <!-- doxytag: member="_AI_snort_alert::grouped_alarms_count" ref="a285aff12d6bac03c316ccc5305d28e53" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > unsigned int < a class = "el" href = "struct__AI__snort__alert.html#a285aff12d6bac03c316ccc5305d28e53" > _AI_snort_alert::grouped_alarms_count< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< p > When the clustering algorithm is used, the number of alerts that this single alert groups together < / p >
< / div >
< / div >
< a class = "anchor" id = "ac53765584296ead1328eabfaba8a3aed" > < / a > <!-- doxytag: member="_AI_snort_alert::h_node" ref="ac53765584296ead1328eabfaba8a3aed" args="[CLUSTER_TYPES]" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "struct__hierarchy__node.html" > hierarchy_node< / a > * < a class = "el" href = "struct__AI__snort__alert.html#ac53765584296ead1328eabfaba8a3aed" > _AI_snort_alert::h_node< / a > [CLUSTER_TYPES]< / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< p > Hierarchies for addresses and ports, if the clustering algorithm is used < / p >
< / div >
< / div >
< a class = "anchor" id = "ac101de15b4f9451f235b82122f77b62a" > < / a > <!-- doxytag: member="_AI_snort_alert::hyperalert" ref="ac101de15b4f9451f235b82122f77b62a" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "structAI__hyperalert__info.html" > AI_hyperalert_info< / a > * < a class = "el" href = "struct__AI__snort__alert.html#ac101de15b4f9451f235b82122f77b62a" > _AI_snort_alert::hyperalert< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< p > Hyperalert information, pre-conditions and post-conditions < / p >
< / div >
< / div >
< a class = "anchor" id = "a754ca683593c838e4032fa8c13b1512b" > < / a > <!-- doxytag: member="_AI_snort_alert::ip_dst_addr" ref="a754ca683593c838e4032fa8c13b1512b" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62" > uint32_t< / a > < a class = "el" href = "struct__AI__snort__alert.html#a754ca683593c838e4032fa8c13b1512b" > _AI_snort_alert::ip_dst_addr< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "a2fc673dec85a7b49dd16ac7c0bb1bb78" > < / a > <!-- doxytag: member="_AI_snort_alert::ip_id" ref="a2fc673dec85a7b49dd16ac7c0bb1bb78" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "spp__ai_8h.html#a273cf69d639a59973b6019625df33e30" > uint16_t< / a > < a class = "el" href = "struct__AI__snort__alert.html#a2fc673dec85a7b49dd16ac7c0bb1bb78" > _AI_snort_alert::ip_id< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "ad3ffe99036513d5f33b94d22fb84f8f1" > < / a > <!-- doxytag: member="_AI_snort_alert::ip_len" ref="ad3ffe99036513d5f33b94d22fb84f8f1" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "spp__ai_8h.html#a273cf69d639a59973b6019625df33e30" > uint16_t< / a > < a class = "el" href = "struct__AI__snort__alert.html#ad3ffe99036513d5f33b94d22fb84f8f1" > _AI_snort_alert::ip_len< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "a5ea7b250ac1c472f3ab57565b6df2536" > < / a > <!-- doxytag: member="_AI_snort_alert::ip_proto" ref="a5ea7b250ac1c472f3ab57565b6df2536" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5" > uint8_t< / a > < a class = "el" href = "struct__AI__snort__alert.html#a5ea7b250ac1c472f3ab57565b6df2536" > _AI_snort_alert::ip_proto< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "a194117c57a52933d16a97838562bb611" > < / a > <!-- doxytag: member="_AI_snort_alert::ip_src_addr" ref="a194117c57a52933d16a97838562bb611" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62" > uint32_t< / a > < a class = "el" href = "struct__AI__snort__alert.html#a194117c57a52933d16a97838562bb611" > _AI_snort_alert::ip_src_addr< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "a3f3c47f9baf3229d067504a85873b416" > < / a > <!-- doxytag: member="_AI_snort_alert::ip_tos" ref="a3f3c47f9baf3229d067504a85873b416" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5" > uint8_t< / a > < a class = "el" href = "struct__AI__snort__alert.html#a3f3c47f9baf3229d067504a85873b416" > _AI_snort_alert::ip_tos< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "a3c9bbe84ec696cd58668a45799a66600" > < / a > <!-- doxytag: member="_AI_snort_alert::ip_ttl" ref="a3c9bbe84ec696cd58668a45799a66600" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5" > uint8_t< / a > < a class = "el" href = "struct__AI__snort__alert.html#a3c9bbe84ec696cd58668a45799a66600" > _AI_snort_alert::ip_ttl< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "a1f2d5e8cfd0e6321b977173d1e90cb68" > < / a > <!-- doxytag: member="_AI_snort_alert::n_derived_alerts" ref="a1f2d5e8cfd0e6321b977173d1e90cb68" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > unsigned int < a class = "el" href = "struct__AI__snort__alert.html#a1f2d5e8cfd0e6321b977173d1e90cb68" > _AI_snort_alert::n_derived_alerts< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< p > Number of derived alerts, i.e. the expected number of entries in derived_alerts < / p >
< / div >
< / div >
< a class = "anchor" id = "aa8336d4b3359015ed8ea312ca1fd1173" > < / a > <!-- doxytag: member="_AI_snort_alert::next" ref="aa8336d4b3359015ed8ea312ca1fd1173" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > struct < a class = "el" href = "struct__AI__snort__alert.html" > _AI_snort_alert< / a > * < a class = "el" href = "struct__AI__snort__alert.html#aa8336d4b3359015ed8ea312ca1fd1173" > _AI_snort_alert::next< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< p > Pointer to the next alert in the log, if any < / p >
< / div >
< / div >
< a class = "anchor" id = "a55a5488c7ee7706ded4c16b1235fd9c7" > < / a > <!-- doxytag: member="_AI_snort_alert::previous_correlated" ref="a55a5488c7ee7706ded4c16b1235fd9c7" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > struct < a class = "el" href = "struct__AI__snort__alert.html" > _AI_snort_alert< / a > * < a class = "el" href = "struct__AI__snort__alert.html#a55a5488c7ee7706ded4c16b1235fd9c7" > _AI_snort_alert::previous_correlated< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "a25661fa4e212c5e30af5e6a892985ec9" > < / a > <!-- doxytag: member="_AI_snort_alert::priority" ref="a25661fa4e212c5e30af5e6a892985ec9" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > unsigned short < a class = "el" href = "struct__AI__snort__alert.html#a25661fa4e212c5e30af5e6a892985ec9" > _AI_snort_alert::priority< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "a864d3baa48586d6a31639f4cd27d9d37" > < / a > <!-- doxytag: member="_AI_snort_alert::rev" ref="a864d3baa48586d6a31639f4cd27d9d37" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > unsigned int < a class = "el" href = "struct__AI__snort__alert.html#a864d3baa48586d6a31639f4cd27d9d37" > _AI_snort_alert::rev< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "a3349aa68d2234f8ffd897367c3a8a137" > < / a > <!-- doxytag: member="_AI_snort_alert::sid" ref="a3349aa68d2234f8ffd897367c3a8a137" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > unsigned int < a class = "el" href = "struct__AI__snort__alert.html#a3349aa68d2234f8ffd897367c3a8a137" > _AI_snort_alert::sid< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "a09dfe0a841fd3912ec78060d4547cb31" > < / a > <!-- doxytag: member="_AI_snort_alert::stream" ref="a09dfe0a841fd3912ec78060d4547cb31" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > struct < a class = "el" href = "structpkt__info.html" > pkt_info< / a > * < a class = "el" href = "struct__AI__snort__alert.html#a09dfe0a841fd3912ec78060d4547cb31" > _AI_snort_alert::stream< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< p > Reference to the TCP stream associated with the alert, if any < / p >
< / div >
< / div >
< a class = "anchor" id = "a8aac577224a4325ec50511c6d79b4b79" > < / a > <!-- doxytag: member="_AI_snort_alert::tcp_ack" ref="a8aac577224a4325ec50511c6d79b4b79" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62" > uint32_t< / a > < a class = "el" href = "struct__AI__snort__alert.html#a8aac577224a4325ec50511c6d79b4b79" > _AI_snort_alert::tcp_ack< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "aaca31cb67d48ffc3bfd1227686d5f5a4" > < / a > <!-- doxytag: member="_AI_snort_alert::tcp_dst_port" ref="aaca31cb67d48ffc3bfd1227686d5f5a4" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "spp__ai_8h.html#a273cf69d639a59973b6019625df33e30" > uint16_t< / a > < a class = "el" href = "struct__AI__snort__alert.html#aaca31cb67d48ffc3bfd1227686d5f5a4" > _AI_snort_alert::tcp_dst_port< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "aa643f11db93b70242b57f0a04775e507" > < / a > <!-- doxytag: member="_AI_snort_alert::tcp_flags" ref="aa643f11db93b70242b57f0a04775e507" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "spp__ai_8h.html#aba7bc1797add20fe3efdf37ced1182c5" > uint8_t< / a > < a class = "el" href = "struct__AI__snort__alert.html#aa643f11db93b70242b57f0a04775e507" > _AI_snort_alert::tcp_flags< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "ab7e0507050b8e475fea7a4b26c768857" > < / a > <!-- doxytag: member="_AI_snort_alert::tcp_len" ref="ab7e0507050b8e475fea7a4b26c768857" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "spp__ai_8h.html#a273cf69d639a59973b6019625df33e30" > uint16_t< / a > < a class = "el" href = "struct__AI__snort__alert.html#ab7e0507050b8e475fea7a4b26c768857" > _AI_snort_alert::tcp_len< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "ad6edf59fccea55bf5f940bf36117020b" > < / a > <!-- doxytag: member="_AI_snort_alert::tcp_seq" ref="ad6edf59fccea55bf5f940bf36117020b" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "spp__ai_8h.html#a435d1572bf3f880d55459d9805097f62" > uint32_t< / a > < a class = "el" href = "struct__AI__snort__alert.html#ad6edf59fccea55bf5f940bf36117020b" > _AI_snort_alert::tcp_seq< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "a4d4cbdbd9675f4c43545547f55174cb7" > < / a > <!-- doxytag: member="_AI_snort_alert::tcp_src_port" ref="a4d4cbdbd9675f4c43545547f55174cb7" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "spp__ai_8h.html#a273cf69d639a59973b6019625df33e30" > uint16_t< / a > < a class = "el" href = "struct__AI__snort__alert.html#a4d4cbdbd9675f4c43545547f55174cb7" > _AI_snort_alert::tcp_src_port< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "a1687fccc26bb211591db8b36ffec5348" > < / a > <!-- doxytag: member="_AI_snort_alert::tcp_window" ref="a1687fccc26bb211591db8b36ffec5348" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > < a class = "el" href = "spp__ai_8h.html#a273cf69d639a59973b6019625df33e30" > uint16_t< / a > < a class = "el" href = "struct__AI__snort__alert.html#a1687fccc26bb211591db8b36ffec5348" > _AI_snort_alert::tcp_window< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< a class = "anchor" id = "a10a67f60ca3da339a2104849a0b2ac19" > < / a > <!-- doxytag: member="_AI_snort_alert::timestamp" ref="a10a67f60ca3da339a2104849a0b2ac19" args="" -->
< div class = "memitem" >
< div class = "memproto" >
< table class = "memname" >
< tr >
< td class = "memname" > time_t < a class = "el" href = "struct__AI__snort__alert.html#a10a67f60ca3da339a2104849a0b2ac19" > _AI_snort_alert::timestamp< / a > < / td >
< / tr >
< / table >
< / div >
< div class = "memdoc" >
< / div >
< / div >
< hr / > The documentation for this struct was generated from the following file:< ul >
< li > < a class = "el" href = "spp__ai_8h_source.html" > spp_ai.h< / a > < / li >
< / ul >
< / div >
<!-- - window showing the filter options -->
< div id = "MSearchSelectWindow"
onmouseover="return searchBox.OnSearchSelectShow()"
onmouseout="return searchBox.OnSearchSelectHide()"
onkeydown="return searchBox.OnSearchSelectKey(event)">
< a class = "SelectItem" href = "javascript:void(0)" onclick = "searchBox.OnSelectItem(0)" > < span class = "SelectionMark" > < / span > All< / a > < a class = "SelectItem" href = "javascript:void(0)" onclick = "searchBox.OnSelectItem(1)" > < span class = "SelectionMark" > < / span > Data Structures< / a > < a class = "SelectItem" href = "javascript:void(0)" onclick = "searchBox.OnSelectItem(2)" > < span class = "SelectionMark" > < / span > Files< / a > < a class = "SelectItem" href = "javascript:void(0)" onclick = "searchBox.OnSelectItem(3)" > < span class = "SelectionMark" > < / span > Functions< / a > < a class = "SelectItem" href = "javascript:void(0)" onclick = "searchBox.OnSelectItem(4)" > < span class = "SelectionMark" > < / span > Variables< / a > < a class = "SelectItem" href = "javascript:void(0)" onclick = "searchBox.OnSelectItem(5)" > < span class = "SelectionMark" > < / span > Typedefs< / a > < a class = "SelectItem" href = "javascript:void(0)" onclick = "searchBox.OnSelectItem(6)" > < span class = "SelectionMark" > < / span > Enumerations< / a > < a class = "SelectItem" href = "javascript:void(0)" onclick = "searchBox.OnSelectItem(7)" > < span class = "SelectionMark" > < / span > Enumerator< / a > < a class = "SelectItem" href = "javascript:void(0)" onclick = "searchBox.OnSelectItem(8)" > < span class = "SelectionMark" > < / span > Defines< / a > < / div >
<!-- iframe showing the search results (closed by default) -->
< div id = "MSearchResultsWindow" >
< iframe src = "" frameborder = "0"
name="MSearchResults" id="MSearchResults">
< / iframe >
< / div >
< hr class = "footer" / > < address class = "footer" > < small > Generated on Tue Sep 14 2010 19:23:42 for Snort AI preprocessor module by
< a href = "http://www.doxygen.org/index.html" >
< img class = "footer" src = "doxygen.png" alt = "doxygen" / > < / a > 1.7.1 < / small > < / address >
< / body >
< / html >