suggestion?

["Slighter, Tim" <tslighter () itc nrcs usda gov>]

If what I am about to say is already present and available then please
disregard this post.

Otherwise, what are the possibilities for implementing event propagation
features into snort.  Say for example when snort alerts for a SubSeven Scan
and as everyone knows, this can generate thousands of alerts.  Is it
possible to build into the code or the conf/rules files an option that would
instruct snort to stop logging for this alert based upon the source address
and after "x" number of similar alerts for "x" amount of time?