Snort_AIPreproc/doc/latex/struct__AI__snort__alert.tex


\hypertarget{struct__AI__snort__alert}{
\section{\_\-AI\_\-snort\_\-alert Struct Reference}
\label{struct__AI__snort__alert}\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}}
}
{\ttfamily \#include $<$spp\_\-ai.h$>$}
\subsection*{Data Fields}
\begin{DoxyCompactItemize}
\item
unsigned int \hyperlink{struct__AI__snort__alert_af8408be5da59cda853442dd13465c0f6}{gid}
\item
unsigned int \hyperlink{struct__AI__snort__alert_a3349aa68d2234f8ffd897367c3a8a137}{sid}
\item
unsigned int \hyperlink{struct__AI__snort__alert_a864d3baa48586d6a31639f4cd27d9d37}{rev}
\item
unsigned short \hyperlink{struct__AI__snort__alert_a25661fa4e212c5e30af5e6a892985ec9}{priority}
\item
char $\ast$ \hyperlink{struct__AI__snort__alert_ac0902d7c756ec675fb06347ce4706135}{desc}
\item
char $\ast$ \hyperlink{struct__AI__snort__alert_aa89585e14acb2c4e684a1552d322632f}{classification}
\item
time\_\-t \hyperlink{struct__AI__snort__alert_a10a67f60ca3da339a2104849a0b2ac19}{timestamp}
\item
\hyperlink{spp__ai_8h_aba7bc1797add20fe3efdf37ced1182c5}{uint8\_\-t} \hyperlink{struct__AI__snort__alert_a3f3c47f9baf3229d067504a85873b416}{ip\_\-tos}
\item
\hyperlink{spp__ai_8h_a273cf69d639a59973b6019625df33e30}{uint16\_\-t} \hyperlink{struct__AI__snort__alert_ad3ffe99036513d5f33b94d22fb84f8f1}{ip\_\-len}
\item
\hyperlink{spp__ai_8h_a273cf69d639a59973b6019625df33e30}{uint16\_\-t} \hyperlink{struct__AI__snort__alert_a2fc673dec85a7b49dd16ac7c0bb1bb78}{ip\_\-id}
\item
\hyperlink{spp__ai_8h_aba7bc1797add20fe3efdf37ced1182c5}{uint8\_\-t} \hyperlink{struct__AI__snort__alert_a3c9bbe84ec696cd58668a45799a66600}{ip\_\-ttl}
\item
\hyperlink{spp__ai_8h_aba7bc1797add20fe3efdf37ced1182c5}{uint8\_\-t} \hyperlink{struct__AI__snort__alert_a5ea7b250ac1c472f3ab57565b6df2536}{ip\_\-proto}
\item
\hyperlink{spp__ai_8h_a435d1572bf3f880d55459d9805097f62}{uint32\_\-t} \hyperlink{struct__AI__snort__alert_a194117c57a52933d16a97838562bb611}{ip\_\-src\_\-addr}
\item
\hyperlink{spp__ai_8h_a435d1572bf3f880d55459d9805097f62}{uint32\_\-t} \hyperlink{struct__AI__snort__alert_a754ca683593c838e4032fa8c13b1512b}{ip\_\-dst\_\-addr}
\item
\hyperlink{spp__ai_8h_a273cf69d639a59973b6019625df33e30}{uint16\_\-t} \hyperlink{struct__AI__snort__alert_a4d4cbdbd9675f4c43545547f55174cb7}{tcp\_\-src\_\-port}
\item
\hyperlink{spp__ai_8h_a273cf69d639a59973b6019625df33e30}{uint16\_\-t} \hyperlink{struct__AI__snort__alert_aaca31cb67d48ffc3bfd1227686d5f5a4}{tcp\_\-dst\_\-port}
\item
\hyperlink{spp__ai_8h_a435d1572bf3f880d55459d9805097f62}{uint32\_\-t} \hyperlink{struct__AI__snort__alert_ad6edf59fccea55bf5f940bf36117020b}{tcp\_\-seq}
\item
\hyperlink{spp__ai_8h_a435d1572bf3f880d55459d9805097f62}{uint32\_\-t} \hyperlink{struct__AI__snort__alert_a8aac577224a4325ec50511c6d79b4b79}{tcp\_\-ack}
\item
\hyperlink{spp__ai_8h_aba7bc1797add20fe3efdf37ced1182c5}{uint8\_\-t} \hyperlink{struct__AI__snort__alert_aa643f11db93b70242b57f0a04775e507}{tcp\_\-flags}
\item
\hyperlink{spp__ai_8h_a273cf69d639a59973b6019625df33e30}{uint16\_\-t} \hyperlink{struct__AI__snort__alert_a1687fccc26bb211591db8b36ffec5348}{tcp\_\-window}
\item
\hyperlink{spp__ai_8h_a273cf69d639a59973b6019625df33e30}{uint16\_\-t} \hyperlink{struct__AI__snort__alert_ab7e0507050b8e475fea7a4b26c768857}{tcp\_\-len}
\item
struct \hyperlink{structpkt__info}{pkt\_\-info} $\ast$ \hyperlink{struct__AI__snort__alert_a09dfe0a841fd3912ec78060d4547cb31}{stream}
\item
struct \hyperlink{struct__AI__snort__alert}{\_\-AI\_\-snort\_\-alert} $\ast$ \hyperlink{struct__AI__snort__alert_aa8336d4b3359015ed8ea312ca1fd1173}{next}
\item
\hyperlink{struct__hierarchy__node}{hierarchy\_\-node} $\ast$ \hyperlink{struct__AI__snort__alert_ac53765584296ead1328eabfaba8a3aed}{h\_\-node} \mbox{[}CLUSTER\_\-TYPES\mbox{]}
\item
unsigned int \hyperlink{struct__AI__snort__alert_a285aff12d6bac03c316ccc5305d28e53}{grouped\_\-alarms\_\-count}
\end{DoxyCompactItemize}
\subsection{Detailed Description}
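Data type for Snort alerts.
Each record carries the alert's {\ttfamily gid}, {\ttfamily sid} and {\ttfamily rev} (in Snort's usual scheme, the generator ID, signature ID and rule revision), its {\ttfamily priority}, {\ttfamily desc} and {\ttfamily classification}, a {\ttfamily timestamp}, the IP and TCP header fields listed above, a pointer to a {\ttfamily pkt\_\-info} stream, one {\ttfamily hierarchy\_\-node} pointer per cluster type, a {\ttfamily grouped\_\-alarms\_\-count}, and a {\ttfamily next} pointer to another {\ttfamily \_\-AI\_\-snort\_\-alert}.
The address members {\ttfamily ip\_\-src\_\-addr} and {\ttfamily ip\_\-dst\_\-addr} are {\ttfamily uint32\_\-t}, so they can hold IPv4 addresses only; the byte order of the address and port members and the ownership of the {\ttfamily char} pointers are not documented here and should be confirmed in {\ttfamily spp\_\-ai.h} before the fields are compared, logged or freed.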
\subsection{Field Documentation}
\hypertarget{struct__AI__snort__alert_aa89585e14acb2c4e684a1552d322632f}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!classification@{classification}}
\index{classification@{classification}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{classification}]{\setlength{\rightskip}{0pt plus 5cm}char$\ast$ {\bf \_\-AI\_\-snort\_\-alert::classification}}}
\label{struct__AI__snort__alert_aa89585e14acb2c4e684a1552d322632f}
\hypertarget{struct__AI__snort__alert_ac0902d7c756ec675fb06347ce4706135}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!desc@{desc}}
\index{desc@{desc}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{desc}]{\setlength{\rightskip}{0pt plus 5cm}char$\ast$ {\bf \_\-AI\_\-snort\_\-alert::desc}}}
\label{struct__AI__snort__alert_ac0902d7c756ec675fb06347ce4706135}
\hypertarget{struct__AI__snort__alert_af8408be5da59cda853442dd13465c0f6}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!gid@{gid}}
\index{gid@{gid}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{gid}]{\setlength{\rightskip}{0pt plus 5cm}unsigned int {\bf \_\-AI\_\-snort\_\-alert::gid}}}
\label{struct__AI__snort__alert_af8408be5da59cda853442dd13465c0f6}
\hypertarget{struct__AI__snort__alert_a285aff12d6bac03c316ccc5305d28e53}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!grouped\_\-alarms\_\-count@{grouped\_\-alarms\_\-count}}
\index{grouped\_\-alarms\_\-count@{grouped\_\-alarms\_\-count}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{grouped\_\-alarms\_\-count}]{\setlength{\rightskip}{0pt plus 5cm}unsigned int {\bf \_\-AI\_\-snort\_\-alert::grouped\_\-alarms\_\-count}}}
\label{struct__AI__snort__alert_a285aff12d6bac03c316ccc5305d28e53}
\hypertarget{struct__AI__snort__alert_ac53765584296ead1328eabfaba8a3aed}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!h\_\-node@{h\_\-node}}
\index{h\_\-node@{h\_\-node}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{h\_\-node}]{\setlength{\rightskip}{0pt plus 5cm}{\bf hierarchy\_\-node}$\ast$ {\bf \_\-AI\_\-snort\_\-alert::h\_\-node}\mbox{[}CLUSTER\_\-TYPES\mbox{]}}}
\label{struct__AI__snort__alert_ac53765584296ead1328eabfaba8a3aed}
\hypertarget{struct__AI__snort__alert_a754ca683593c838e4032fa8c13b1512b}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!ip\_\-dst\_\-addr@{ip\_\-dst\_\-addr}}
\index{ip\_\-dst\_\-addr@{ip\_\-dst\_\-addr}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{ip\_\-dst\_\-addr}]{\setlength{\rightskip}{0pt plus 5cm}{\bf uint32\_\-t} {\bf \_\-AI\_\-snort\_\-alert::ip\_\-dst\_\-addr}}}
\label{struct__AI__snort__alert_a754ca683593c838e4032fa8c13b1512b}
\hypertarget{struct__AI__snort__alert_a2fc673dec85a7b49dd16ac7c0bb1bb78}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!ip\_\-id@{ip\_\-id}}
\index{ip\_\-id@{ip\_\-id}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{ip\_\-id}]{\setlength{\rightskip}{0pt plus 5cm}{\bf uint16\_\-t} {\bf \_\-AI\_\-snort\_\-alert::ip\_\-id}}}
\label{struct__AI__snort__alert_a2fc673dec85a7b49dd16ac7c0bb1bb78}
\hypertarget{struct__AI__snort__alert_ad3ffe99036513d5f33b94d22fb84f8f1}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!ip\_\-len@{ip\_\-len}}
\index{ip\_\-len@{ip\_\-len}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{ip\_\-len}]{\setlength{\rightskip}{0pt plus 5cm}{\bf uint16\_\-t} {\bf \_\-AI\_\-snort\_\-alert::ip\_\-len}}}
\label{struct__AI__snort__alert_ad3ffe99036513d5f33b94d22fb84f8f1}
\hypertarget{struct__AI__snort__alert_a5ea7b250ac1c472f3ab57565b6df2536}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!ip\_\-proto@{ip\_\-proto}}
\index{ip\_\-proto@{ip\_\-proto}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{ip\_\-proto}]{\setlength{\rightskip}{0pt plus 5cm}{\bf uint8\_\-t} {\bf \_\-AI\_\-snort\_\-alert::ip\_\-proto}}}
\label{struct__AI__snort__alert_a5ea7b250ac1c472f3ab57565b6df2536}
\hypertarget{struct__AI__snort__alert_a194117c57a52933d16a97838562bb611}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!ip\_\-src\_\-addr@{ip\_\-src\_\-addr}}
\index{ip\_\-src\_\-addr@{ip\_\-src\_\-addr}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{ip\_\-src\_\-addr}]{\setlength{\rightskip}{0pt plus 5cm}{\bf uint32\_\-t} {\bf \_\-AI\_\-snort\_\-alert::ip\_\-src\_\-addr}}}
\label{struct__AI__snort__alert_a194117c57a52933d16a97838562bb611}
\hypertarget{struct__AI__snort__alert_a3f3c47f9baf3229d067504a85873b416}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!ip\_\-tos@{ip\_\-tos}}
\index{ip\_\-tos@{ip\_\-tos}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{ip\_\-tos}]{\setlength{\rightskip}{0pt plus 5cm}{\bf uint8\_\-t} {\bf \_\-AI\_\-snort\_\-alert::ip\_\-tos}}}
\label{struct__AI__snort__alert_a3f3c47f9baf3229d067504a85873b416}
\hypertarget{struct__AI__snort__alert_a3c9bbe84ec696cd58668a45799a66600}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!ip\_\-ttl@{ip\_\-ttl}}
\index{ip\_\-ttl@{ip\_\-ttl}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{ip\_\-ttl}]{\setlength{\rightskip}{0pt plus 5cm}{\bf uint8\_\-t} {\bf \_\-AI\_\-snort\_\-alert::ip\_\-ttl}}}
\label{struct__AI__snort__alert_a3c9bbe84ec696cd58668a45799a66600}
\hypertarget{struct__AI__snort__alert_aa8336d4b3359015ed8ea312ca1fd1173}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!next@{next}}
\index{next@{next}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{next}]{\setlength{\rightskip}{0pt plus 5cm}struct {\bf \_\-AI\_\-snort\_\-alert}$\ast$ {\bf \_\-AI\_\-snort\_\-alert::next}}}
\label{struct__AI__snort__alert_aa8336d4b3359015ed8ea312ca1fd1173}
\hypertarget{struct__AI__snort__alert_a25661fa4e212c5e30af5e6a892985ec9}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!priority@{priority}}
\index{priority@{priority}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{priority}]{\setlength{\rightskip}{0pt plus 5cm}unsigned short {\bf \_\-AI\_\-snort\_\-alert::priority}}}
\label{struct__AI__snort__alert_a25661fa4e212c5e30af5e6a892985ec9}
\hypertarget{struct__AI__snort__alert_a864d3baa48586d6a31639f4cd27d9d37}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!rev@{rev}}
\index{rev@{rev}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{rev}]{\setlength{\rightskip}{0pt plus 5cm}unsigned int {\bf \_\-AI\_\-snort\_\-alert::rev}}}
\label{struct__AI__snort__alert_a864d3baa48586d6a31639f4cd27d9d37}
\hypertarget{struct__AI__snort__alert_a3349aa68d2234f8ffd897367c3a8a137}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!sid@{sid}}
\index{sid@{sid}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{sid}]{\setlength{\rightskip}{0pt plus 5cm}unsigned int {\bf \_\-AI\_\-snort\_\-alert::sid}}}
\label{struct__AI__snort__alert_a3349aa68d2234f8ffd897367c3a8a137}
\hypertarget{struct__AI__snort__alert_a09dfe0a841fd3912ec78060d4547cb31}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!stream@{stream}}
\index{stream@{stream}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{stream}]{\setlength{\rightskip}{0pt plus 5cm}struct {\bf pkt\_\-info}$\ast$ {\bf \_\-AI\_\-snort\_\-alert::stream}}}
\label{struct__AI__snort__alert_a09dfe0a841fd3912ec78060d4547cb31}
\hypertarget{struct__AI__snort__alert_a8aac577224a4325ec50511c6d79b4b79}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!tcp\_\-ack@{tcp\_\-ack}}
\index{tcp\_\-ack@{tcp\_\-ack}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{tcp\_\-ack}]{\setlength{\rightskip}{0pt plus 5cm}{\bf uint32\_\-t} {\bf \_\-AI\_\-snort\_\-alert::tcp\_\-ack}}}
\label{struct__AI__snort__alert_a8aac577224a4325ec50511c6d79b4b79}
\hypertarget{struct__AI__snort__alert_aaca31cb67d48ffc3bfd1227686d5f5a4}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!tcp\_\-dst\_\-port@{tcp\_\-dst\_\-port}}
\index{tcp\_\-dst\_\-port@{tcp\_\-dst\_\-port}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{tcp\_\-dst\_\-port}]{\setlength{\rightskip}{0pt plus 5cm}{\bf uint16\_\-t} {\bf \_\-AI\_\-snort\_\-alert::tcp\_\-dst\_\-port}}}
\label{struct__AI__snort__alert_aaca31cb67d48ffc3bfd1227686d5f5a4}
\hypertarget{struct__AI__snort__alert_aa643f11db93b70242b57f0a04775e507}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!tcp\_\-flags@{tcp\_\-flags}}
\index{tcp\_\-flags@{tcp\_\-flags}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{tcp\_\-flags}]{\setlength{\rightskip}{0pt plus 5cm}{\bf uint8\_\-t} {\bf \_\-AI\_\-snort\_\-alert::tcp\_\-flags}}}
\label{struct__AI__snort__alert_aa643f11db93b70242b57f0a04775e507}
\hypertarget{struct__AI__snort__alert_ab7e0507050b8e475fea7a4b26c768857}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!tcp\_\-len@{tcp\_\-len}}
\index{tcp\_\-len@{tcp\_\-len}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{tcp\_\-len}]{\setlength{\rightskip}{0pt plus 5cm}{\bf uint16\_\-t} {\bf \_\-AI\_\-snort\_\-alert::tcp\_\-len}}}
\label{struct__AI__snort__alert_ab7e0507050b8e475fea7a4b26c768857}
\hypertarget{struct__AI__snort__alert_ad6edf59fccea55bf5f940bf36117020b}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!tcp\_\-seq@{tcp\_\-seq}}
\index{tcp\_\-seq@{tcp\_\-seq}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{tcp\_\-seq}]{\setlength{\rightskip}{0pt plus 5cm}{\bf uint32\_\-t} {\bf \_\-AI\_\-snort\_\-alert::tcp\_\-seq}}}
\label{struct__AI__snort__alert_ad6edf59fccea55bf5f940bf36117020b}
\hypertarget{struct__AI__snort__alert_a4d4cbdbd9675f4c43545547f55174cb7}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!tcp\_\-src\_\-port@{tcp\_\-src\_\-port}}
\index{tcp\_\-src\_\-port@{tcp\_\-src\_\-port}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{tcp\_\-src\_\-port}]{\setlength{\rightskip}{0pt plus 5cm}{\bf uint16\_\-t} {\bf \_\-AI\_\-snort\_\-alert::tcp\_\-src\_\-port}}}
\label{struct__AI__snort__alert_a4d4cbdbd9675f4c43545547f55174cb7}
\hypertarget{struct__AI__snort__alert_a1687fccc26bb211591db8b36ffec5348}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!tcp\_\-window@{tcp\_\-window}}
\index{tcp\_\-window@{tcp\_\-window}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{tcp\_\-window}]{\setlength{\rightskip}{0pt plus 5cm}{\bf uint16\_\-t} {\bf \_\-AI\_\-snort\_\-alert::tcp\_\-window}}}
\label{struct__AI__snort__alert_a1687fccc26bb211591db8b36ffec5348}
\hypertarget{struct__AI__snort__alert_a10a67f60ca3da339a2104849a0b2ac19}{
\index{\_\-AI\_\-snort\_\-alert@{\_\-AI\_\-snort\_\-alert}!timestamp@{timestamp}}
\index{timestamp@{timestamp}!_AI_snort_alert@{\_\-AI\_\-snort\_\-alert}}
\subsubsection[{timestamp}]{\setlength{\rightskip}{0pt plus 5cm}time\_\-t {\bf \_\-AI\_\-snort\_\-alert::timestamp}}}
\label{struct__AI__snort__alert_a10a67f60ca3da339a2104849a0b2ac19}
The documentation for this struct was generated from the following file:\begin{DoxyCompactItemize}
\item
\hyperlink{spp__ai_8h}{spp\_\-ai.h}\end{DoxyCompactItemize}