snort rule search in

The updated VRT Rule Search feature is now live on  Check it out at:

Full text search supports the following:
– Single keyword or SID search (ex ? ‘windows’, ‘mysql’, ‘linux’)
– Multiple keyword search (ex ? ‘windows 2000’, ‘mysql 4.10’)
– Multiple keyword search with terms joined by the AND, OR, and NOT boolean operators (ex ? ‘windows AND 2000 NOT xp’)
You can also search by rule fields to narrow your search results.  The available fields are:
– keyword
– cve
– bugtraq
– sid
See the search instructions at: for more information on using the enhanced search capabilities.

For those of you using BASE, keep an eye out for an upcoming release.  Kevin and the BASE team will be updating the direct links back to for rules documentation.

Finally, the next enhancement will be to add the ability to search by Microsoft advisory number.  We’ll make an announcement when that feature is enabled.

We’d love your feedback,  please email any comments or enhancement requests to  Our web developers monitor this list.


About this entry