snort-users November 2009 archive
Main Archive Page > Month Archives  > snort-users archives
snort-users: [Snort-users] VRT Rule Search is Back on

[Snort-users] VRT Rule Search is Back on

From: Mike Guiterman <mguiterman_at_nospam>
Date: Wed Nov 04 2009 - 17:15:23 GMT
To: Snort Users List <>,

Hi everyone,

The updated VRT Rule Search feature is now live on Check it out at:

Full text search supports the following:

  • Single keyword or SID search (ex – ‘windows’, ‘mysql’, ‘linux’)
  • Multiple keyword search (ex – ‘windows 2000’, ‘mysql 4.10’)
  • Multiple keyword search with terms joined by the AND, OR, and NOTboolean operators (ex – ‘windows AND 2000 NOT xp’)

You can also search by rule fields to narrow your search results. The available fields are:

  • keyword
  • cve
  • bugtraq
  • sid

See the search instructions at: more information on using the enhanced search capabilities.

For those of you using BASE, keep an eye out for an upcoming release. Kevin and the BASE team will be updating the direct links back to for rules documentation.

Finally, the next enhancement will be to add the ability to search by Microsoft advisory number. We'll make an announcement when that feature is enabled.

We'd love your feedback, please email any comments or enhancement requests to Our web developers monitor this list.

Have a great day!


Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now.

Snort-users mailing list
Go to this URL to change user options or unsubscribe: Snort-users list archive: