/*
 * Demonstrates two YARA features:
 *   - per-string occurrence counts (the "#" operator), and
 *   - using one rule's result inside another rule's condition.
 */

rule string_counts
{
    meta:
        author = "sir"
        date = "20110429"
        type = "String Match"
        description = "Matching strings in content"
        trigger = "true"

    strings:
        // Plain text strings with no modifiers: matched as ASCII, case-sensitive.
        // NOTE(review): three-byte strings occur in a great deal of benign data,
        // so on its own this rule is a syntax demonstration, not a usable signal.
        $a = "foo"
        $b = "bar"
        $c = "baz"

    condition:
        // Inside the loop a bare "#" is the occurrence count of the string
        // currently being iterated. The rule fires when at least one of the
        // three strings appears more than twice (three or more times).
        for any of ($a, $b, $c) : ( # > 2 )
}

rule lots_of_orgle
{
    meta:
        author = "sir"
        date = "20110429"
        type = "String Match"
        description = "Matching strings in content"
        trigger = "true"

    strings:
        // This $a is local to this rule; it is unrelated to $a in string_counts.
        $a = "orgle"

    condition:
        // Chained rule: requires string_counts (defined above) to have matched
        // the same data AND "orgle" to occur at least twice.
        string_counts and #a > 1
}