search for: alert_incomplet

...y mistakes, or things that could be simplified more. Rules are below: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snort: .$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snort: (\`|\\+)-.*$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snort: alert_fragments: (INACTIVE|ACTIVE)$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snort: alert_incomplete: (INACTIVE|ACTIVE)$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snort: alert_large_fragments: (INACTIVE|ACTIVE)$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snort: alert_multiple_requests: (INACTIVE|ACTIVE)$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snort: Detect Protocols: [[:alpha:]].*$ ^\w{3} [ :0-9]{11} [....