Tags: snort, intrusion-detection

what is the difference between snort alert and snort log rule action?


```
[**] [1:2002973:1] Sample alert [**]   - Alert Message
msg:"sample message"                   - Log Message
```

Both are messages. What is the difference between these messages?


Solution

  • The two actions you mention do the following:

    The alert is a very simple overview of the event whereas the log is generally more detailed and contains a packet dump too.

    Documentation for the rule actions can be found here
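As an added illustration (not part of the original answer), here are the two rule actions side by side in Snort 2 rule syntax. The SIDs, ports and message text are constructed placeholders; the semantics follow the Snort 2 manual, where `alert` generates an alert through the configured alert output and then logs the packet, while `log` only logs the packet and never raises an alert.

```snort
# Constructed example rules, not from the original post.

# "alert" action: produces an alert record (e.g. in the fast alert file as
# "[**] [1:1000001:1] sample message [**]") and then logs the matching packet.
alert tcp any any -> $HOME_NET 22 (msg:"sample message"; flags:S; sid:1000001; rev:1;)

# "log" action: the same match, but only the packet is written to the log
# output (packet dump / pcap or ASCII log dir); no alert entry is generated.
log tcp any any -> $HOME_NET 22 (msg:"sample message"; flags:S; sid:1000002; rev:1;)
```

In practice the `alert` line is what an analyst sees in the alert file or SIEM feed, whereas the `log` line only leaves the captured packet behind for later inspection; a rule whose output nobody reviews is effectively a `log` rule, so choose the action based on whether the event needs a human or a correlation engine to act on it.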