How to reference fields?

[edaustin]

Hi there

Given the rule (for example):

alert ip $HOME_NET any -> $EXTERNAL_NET any ( msg:"INDICATOR-COMPROMISE id check returned userid"; content:"uid=",nocase; content:" gid=",distance 0; pcre:"/uid=\d{1,5}\S+\s+gid=\d{1,5}/smi"; metadata:policy max-detect-i
ps drop,ruleset community; classtype:bad-unknown; sid:1882; rev:20; )

How do I extract the data from the content and pcre fields?
There is no content nor pcre fields to reference in the rule object, and the body fields don't seem to be referenced via an iterable.

Thanks!

[edaustin]

OK I found my answer looking at the source.

the field options is an iterable!

Could put in doc?