This document is not a guide on how to fine-tune a sensor to weed out false positives and such; it just tries to summarize the different approaches you can take after deciding that you in fact want to stop an alert from firing. Also, while Snort supports different kinds of thresholding, this document is only about how to shut down specific alerts completely. The content reflects my personal opinions, which may not be valid in your environment, or even correct.
SnortALog is a powerful Perl script that summarizes Snort logs, making it easy to view any attacks against your network.
SnortALog works with all versions of Snort and is the only script that can analyse Snort's logs in all formats (Syslog, Fast and Full alerts). It is also able to summarize Fw-1 (NG and 4.1), Netfilter and IPFilter logs in a similar way.
Symantec DeepSight Analyzer is a free service that gives you the ability to track and manage attacks on your computer. When you send your 'alert.log' to Symantec's DeepSight Analyzer, it automatically correlates attacks from your Snort-based intrusion detection system's log (alert.ids) and sends you a comprehensive view of your computer or general network.