I'm getting hits from a Russian IP for a signature 2500066, but that signature doesn't show up in the signature tab. It looks like a general port scan because the source port stayed the same at 49730 and it hit a bunch of different destination ports at my WAN endpoint. I blocked it all the same but was wondering how I might get insight into what they may have been trying to do. Is there a public database of the current suricata definitions where I can look up this SID or another means to find out what it is? Thanks in advance for any advice!