priority

The priority option assigns a severity level to a given rule to enable appropriate event prioritizing. Although the builtin classifications set with classtype come with their own priority levels, rule writers can override those by using the priority option.

Valid priority levels are 1-2147483647, with 1 being the most severe and 2147483647 being the least severe.

A given rule should only have one priority declaration.

Format:

priority:severity_level;

Examples:

priority:1;

priority:10;