ToolAlert

digraph ToolAlert {
	graph [bb="0,0,209,92",
		rankdir=LR
	];
	node [label="\N"];
	ToolAlert	 [height=1.2778,
		label=<<table BORDER="0" CELLBORDER="1" CELLSPACING="0"> <tr> <td BGCOLOR="#999999" HREF="/idmef_parser/IDMEFv1/ToolAlert.html" TITLE="The ToolAlert class carries additional information related to the use of attack tools or malevolent programs such as Trojan horses and can be used by the analyzer when it is able to identify these tools. It is intended to group one or more previously-sent alerts together, to say &quot;these alerts were all the result of someone using this tool&quot;. "><FONT FACE="Nimbus Sans L">ToolAlert</FONT></td> </tr>" %<tr><td BGCOLOR="#BFBFBF"  HREF="/idmef_parser/IDMEFv1/ToolAlert.html" TITLE="The reason for grouping the alerts together, for example, the name of a particular tool."><FONT FACE="Nimbus Sans L">[STRING] name (Required)</FONT></td></tr>%<tr><td BGCOLOR="#BFBFBF"  HREF="/idmef_parser/IDMEFv1/ToolAlert.html" TITLE="The command or operation that the tool was asked to perform, for example, a BackOrifice ping."><FONT FACE="Nimbus Sans L">[STRING] command (Optional)</FONT></td></tr>%<tr><td BGCOLOR="#BFBFBF"  HREF="/idmef_parser/IDMEFv1/ToolAlert.html" TITLE="The list of alert identifiers that are related to this alert.  Because alert identifiers are only unique across the alerts sent by a single analyzer, the optional &quot;analyzerid&quot; attribute of &quot;alertident&quot; should be used to identify the analyzer that a particular alert came from.  If the &quot;analyzerid&quot; is not provided, the alert is assumed to have come from the same analyzer that is sending the ToolAlert."><FONT FACE="Nimbus Sans L">[STRING] alertident (Optional)</FONT></td></tr>%</table>>,
		pos="104.5,46",
		shape=plaintext,
		width=2.9028];
}