html tool

Sunday, January 6, 2019

Suricata rules Rev and Sid

https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Meta-settings

Sid (signature id)

The keyword sid gives every signature its own id. The id is given as a number.
The format of sid is:
sid:123;
Example of sid in a signature:
In this example the red, bold-faced part is the sid.

Rev (Revision) [popexizhi: it's the version number of the sid, right?]

The sid keyword is almost always accompanied by rev. Rev represents the version of the signature. When a signature is modified, the signature writers increment its rev number.
The format of rev is:
rev:123;
 
It is a convention that sid comes before rev, and both are the last of all keywords.
Example of rev in a signature:

In this example the red, bold-faced part is the rev.
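
The two rules above (every signature has its own sid; sid comes before rev and both are the last keywords) can be checked mechanically before a rule file is deployed. The following is an added example, not part of the original post or of Suricata itself: the sample rules, their sid values and the function names `split_options` and `lint` are constructed for illustration.

```python
# Constructed sample rules (not from the original page); sids are made-up local values.
SAMPLE_RULES = [
    r'alert http any any -> any any (msg:"Example A"; content:"abc"; sid:1000001; rev:1;)',
    r'alert http any any -> any any (msg:"Example B"; content:"def"; rev:3; sid:1000002;)',
    r'alert dns any any -> any any (msg:"Example C"; content:"ghi"; sid:1000001; rev:2;)',
    r'alert tcp any any -> any any (msg:"Example D"; sid:1000003; rev:1; content:"jkl";)',
    r'alert tcp any any -> any any (msg:"Example E\; sid:9\; rev:9"; sid:1000004;)',
]

def split_options(rule):
    """Return the 'keyword:value' options, splitting on ';' outside quotes/escapes."""
    body = rule[rule.index("(") + 1 : rule.rindex(")")]
    opts, cur, quoted, i = [], "", False, 0
    while i < len(body):
        ch = body[i]
        if ch == "\\" and i + 1 < len(body):    # keep an escaped char such as \; verbatim
            cur, i = cur + body[i : i + 2], i + 2
            continue
        if ch == '"':
            quoted = not quoted
        if ch == ";" and not quoted:            # a real option separator
            opts.append(cur)
            cur = ""
        else:
            cur += ch
        i += 1
    return [o.strip() for o in opts + [cur] if o.strip()]

def lint(rules):
    """Return (rule_number, finding) pairs for sid/rev problems."""
    findings, first_seen = [], {}
    for n, rule in enumerate(rules, 1):
        pairs = [o.partition(":") for o in split_options(rule)]
        keys = [k.strip() for k, _, _ in pairs]
        if "sid" not in keys:
            findings.append((n, "no sid"))
            continue
        sid = int(pairs[keys.index("sid")][2])
        if sid in first_seen:                   # every signature needs its own sid
            findings.append((n, f"duplicate sid {sid}, first used by rule {first_seen[sid]}"))
        first_seen.setdefault(sid, n)
        if "rev" not in keys:
            findings.append((n, "no rev"))
        elif keys[-2:] != ["sid", "rev"]:       # convention: sid, then rev, both last
            findings.append((n, "sid and rev not last in that order"))
    return findings

if __name__ == "__main__":
    print(*lint(SAMPLE_RULES), sep="\n")
```

Rule E shows why the options are split with an escape-aware scanner: the text `sid:9` inside its msg string is not a keyword and must not be counted.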
