make example rules clear

_posts/rules/2021-03-15-drop-localhost.md

@@ -1,6 +1,6 @@
 ---
 title: Example Truncate PCAP localhost
-description: 'Drop all localhost packets after the first 20. Two rules are needed so we drop traffic both to and from localhost.'
+description: 'These example rules drop all localhost packets after the first 20. Two rules are needed so we drop traffic both to and from localhost.'
 tags: maxPacketsToSave fieldSet localhost
 ---
 

_posts/rules/2021-03-15-drop-syn-scan.md

@@ -1,6 +1,6 @@
 ---
 title: Drop Syn Scan
-description: 'Drop all syn scans from saving the session to Elasticsearch. It requires packets.src = 1, packets.dst = 0, and tcpflags.syn = 1.'
+description: 'This rule drops all syn scans from saving the session to Elasticsearch. It requires packets.src = 1, packets.dst = 0, and tcpflags.syn = 1.'
 tags: syn scan drop dontSaveSPI
 ---
 

_posts/rules/2021-03-15-drop-tls.md

@@ -1,6 +1,6 @@
 ---
 title: Truncate TLS
-description: 'Only save the first 20 packets of TLS sessions. The packets will still be counted and processed but not saved to disk.'
+description: 'This rule will only save the first 20 packets of TLS sessions. The packets will still be counted and processed but not saved to disk.'
 tags: tls truncate fieldSet
 ---
 

_posts/rules/2021-03-15-tls.md

@@ -1,6 +1,6 @@
 ---
 title: Set Protocols
-description: 'If the protocols field is set to tls and the host.http is set to www.aol.com, mail.google.com, or foo.bar.com, then add tlsrulestest to the protocols field.'
+description: 'This example rule adds tlsrulestest to the protocols field if the protocols field is set to tls and the host.http is set to www.aol.com, mail.google.com, or foo.bar.com.'
 tags: tls setfield
 ---