Snort_AIPreproc/TODO

======================
AVERAGE/HIGH PRIORITY:
======================

- Dynamic k parameter in correlation threshold
- Testing more scenarios, making more hyperalert models
- Bayesian learning among alerts in alert log
- libgc support

=============
LOW PRIORITY:
=============

- Managing clusters for addresses, timestamps (and more?)

=====
DONE:
=====

+ PostgreSQL support
+ Regex comp cache
+ Managing hyperalert graph connection inside the alert structure itself
+ Keeping track of all the streams and alerts even after clustered
+ Dynamic cluster_min_size algorithm
Grouped alert info inside the cluster, better graph management in hyperalerts 2010-09-16 23:21:38 +02:00			`======================`
			`AVERAGE/HIGH PRIORITY:`
			`======================`

			`- Dynamic k parameter in correlation threshold`
			`- Testing more scenarios, making more hyperalert models`
Sept 11 2010 commit 2010-09-11 12:45:30 +02:00			`- Bayesian learning among alerts in alert log`
Correlation graphs, macro substitution improved 2010-09-14 19:24:03 +02:00			`- libgc support`
Grouped alert info inside the cluster, better graph management in hyperalerts 2010-09-16 23:21:38 +02:00
			`=============`
			`LOW PRIORITY:`
			`=============`
Sept 11 2010 commit 2010-09-11 12:45:30 +02:00
First commit for spp_ai 2010-08-14 14:30:41 +02:00			`- Managing clusters for addresses, timestamps (and more?)`

Grouped alert info inside the cluster, better graph management in hyperalerts 2010-09-16 23:21:38 +02:00			`=====`
			`DONE:`
			`=====`

			`+ PostgreSQL support`
			`+ Regex comp cache`
			`+ Managing hyperalert graph connection inside the alert structure itself`
			`+ Keeping track of all the streams and alerts even after clustered`
Clustering now improved 2010-09-18 16:42:11 +02:00			`+ Dynamic cluster_min_size algorithm`
Grouped alert info inside the cluster, better graph management in hyperalerts 2010-09-16 23:21:38 +02:00