new syslog format

["Jones, Benny" <Ben () wcom net>]

On the sensors that are running snort 1.8, I'm seeing a field in
my syslog alerts that looks like [1:0:0].  I've looked through the
docs, but can't find what this means.  I'm hoping the answer isn't
too awfully obvious, but could someone tell me what this is?  TIA.

Benny