Does Network Firewall logging tell me the policy rule that was enforced?

I have alert logging enabled on my network firewall. Is there a way I can tell which stateful rule has caused the alert? I don't see anything obvious in the log json.

Reading the docs:

The event is controlled by Suricata, the open source intrusion prevention system (IPS) that the stateful rules engine runs on. Suricata writes the event information in the Suricata EVE JSON output format.

Does Suricata know which rule in my policy was triggered?

{
    "firewall_name": "firewall",
    "availability_zone": "ap-southeast-2a",
    "event_timestamp": "1656600550",
    "event": {
        "timestamp": "2022-06-30T14:49:10.144362+0000",
        "flow_id": 1056350291768298,
        "event_type": "alert",
        "src_ip": "..snip..",
        "src_port": 20133,
        "dest_ip": ".snip..",
        "dest_port": 1604,
        "proto": "UDP",
        "alert": {
            "action": "blocked",
            "signature_id": 2804670,
            "rev": 3,
            "signature": "VMware vCenter Chargeback Manager Information Disclosure",
            "category": "Attempted Information Leak",
            "severity": 2,
            "metadata": {
                "created_at": [
                    "2012_03_13"
                ],
                "updated_at": [
                    "2012_03_13"
                ]
            }
        },
        "app_proto": "failed"
    }
}