Has anyone written rules that help audit for GLBA or HIPPA compliance?
It would be nice to use Snort with a few custom rules to detect social
security numbers, account numbers, etc..

The only solution I have found for this type of auditing is vericeptor
and it is way to expesive since I know Snort can detect this type of
information.

Anyone have any suggestions? Should I use regex or PCRE to write
rules that use regular expressions?

Any advice or feedback would be welcome.

Thanks,
Keith