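<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
  <!-- "text/xhtml" is not a registered media type; declare text/html with the same UTF-8 charset. -->
  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
  <title>Snort AI preprocessor module: Data Fields</title>
  <!--
    Every stylesheet and the search script below is a relative path, so all of
    them are served from the same location as this page; nothing is fetched
    from a third-party origin. Stylesheet order is kept as generated because
    later sheets can override earlier ones.
  -->
  <link href="tabs.css" rel="stylesheet" type="text/css"/>
  <link href="search/search.css" rel="stylesheet" type="text/css"/>
  <script type="text/javascript" src="search/search.js"></script>
  <link href="doxygen.css" rel="stylesheet" type="text/css"/>
</head>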
<body onload="searchBox.OnSelectItem(0);">
<!-- Generated by Doxygen 1.7.1 -->
<!--
  The onload attribute above and the inline script below both rely on inline
  script execution: a Content-Security-Policy that omits 'unsafe-inline' for
  scripts would block them and leave the search box uninitialised.
  SearchBox itself is not defined on this page (presumably it comes from
  search/search.js, loaded in the head).
-->
<script type="text/javascript"><!--
var searchBox = new SearchBox("searchBox", "search", false, "Search");
--></script>
<!--
  Navigation tabs plus the search field. The search controls are wired up with
  inline on* attributes and a javascript: URL on the close link, all calling
  methods on the page-level searchBox object; like the inline script that
  creates that object, they only work where inline script is permitted.
-->
<div class="navigation" id="top">
  <!-- Top-level sections of the generated documentation. -->
  <div class="tabs">
    <ul class="tablist">
      <li><a href="index.html"><span>Main Page</span></a></li>
      <li><a href="modules.html"><span>Modules</span></a></li>
      <li><a href="annotated.html"><span>Data Structures</span></a></li>
      <li class="current"><a href="files.html"><span>Files</span></a></li>
      <li id="searchli">
        <div id="MSearchBox" class="MSearchBoxInactive">
          <span class="left">
            <img id="MSearchSelect" src="search/mag_sel.png"
                 onmouseover="return searchBox.OnSearchSelectShow()"
                 onmouseout="return searchBox.OnSearchSelectHide()"
                 alt=""/>
            <input type="text" id="MSearchField" value="Search" accesskey="S"
                   onfocus="searchBox.OnSearchFieldFocus(true)"
                   onblur="searchBox.OnSearchFieldFocus(false)"
                   onkeyup="searchBox.OnSearchFieldChange(event)"/>
          </span><span class="right">
            <a id="MSearchClose" href="javascript:searchBox.CloseResultsWindow()"><img id="MSearchCloseImg" border="0" src="search/close.png" alt=""/></a>
          </span>
        </div>
      </li>
    </ul>
  </div>
  <!-- Second level: views within the Files section. -->
  <div class="tabs2">
    <ul class="tablist">
      <li><a href="files.html"><span>File List</span></a></li>
      <li class="current"><a href="globals.html"><span>Globals</span></a></li>
    </ul>
  </div>
  <!-- Third level: kind of global symbol; Functions is the current page. -->
  <div class="tabs2">
    <ul class="tablist">
      <li><a href="globals.html"><span>All</span></a></li>
      <li class="current"><a href="globals_func.html"><span>Functions</span></a></li>
      <li><a href="globals_vars.html"><span>Variables</span></a></li>
      <li><a href="globals_type.html"><span>Typedefs</span></a></li>
      <li><a href="globals_enum.html"><span>Enumerations</span></a></li>
      <li><a href="globals_eval.html"><span>Enumerator</span></a></li>
      <li><a href="globals_defs.html"><span>Defines</span></a></li>
    </ul>
  </div>
  <!-- In-page jump links to the per-letter headings in the index below. -->
  <div class="tabs3">
    <ul class="tablist">
      <li><a href="#index__"><span>_</span></a></li>
      <li><a href="#index_a"><span>a</span></a></li>
      <li><a href="#index_p"><span>p</span></a></li>
      <li><a href="#index_s"><span>s</span></a></li>
    </ul>
  </div>
</div>
<!--
  Alphabetical index of the documented functions. Each entry is
  "name() : file[, file]"; every link points at a member anchor on the Doxygen
  group page for that module, and when two files are listed both links share
  the same anchor (presumably the header declaration and the .c definition).
  NOTE(review): this page lists names only. It says nothing about how the
  string and regex helpers (preg_match, str_replace, str_replace_all,
  _AI_macro_subst) or _AI_hyperalert_from_XML treat their input; that has to
  be read from the linked pages and the source itself.
-->
<div class="contents">
  <h3><a class="anchor" id="index__"></a>- _ -</h3>
  <ul>
    <li>_AI_check_duplicate()
      : <a class="el" href="group__cluster.html#ga29c35cd6c56f54e27b5b190c6d6c487a">cluster.c</a>
    </li>
    <li>_AI_cluster_thread()
      : <a class="el" href="group__cluster.html#ga8a5eae61dc9fd0f13e0acdfa5f4478e2">cluster.c</a>
    </li>
    <li>_AI_copy_alerts()
      : <a class="el" href="group__alert__parser.html#ga6c5014cae9155379fdc4db649b2c862d">alert_parser.c</a>
    </li>
    <li>_AI_copy_clustered_alerts()
      : <a class="el" href="group__cluster.html#gab4c8ab92691e85a6f0ac4abb122712fd">cluster.c</a>
    </li>
    <li>_AI_correlation_coefficient()
      : <a class="el" href="group__correlation.html#ga130e82017fc0abcb76b1a7740ae2f4df">correlation.c</a>
    </li>
    <li>_AI_equal_alarms()
      : <a class="el" href="group__cluster.html#ga0f91c8bfc37a3975f5c26b19fd6c5cba">cluster.c</a>
    </li>
    <li>_AI_get_min_hierarchy_node()
      : <a class="el" href="group__cluster.html#ga6ddddcd505b1f763c339e81fc143e079">cluster.c</a>
    </li>
    <li>_AI_hyperalert_from_XML()
      : <a class="el" href="group__correlation.html#ga929e5c17fdb247a998d83ed6a4ae5a65">correlation.c</a>
    </li>
    <li>_AI_macro_subst()
      : <a class="el" href="group__correlation.html#ga0d094eae1d014d89a2de21263fa747da">correlation.c</a>
    </li>
    <li>_AI_merge_alerts()
      : <a class="el" href="group__cluster.html#ga8ce8e5a5d8954672297fa2dedb380dcd">cluster.c</a>
    </li>
    <li>_AI_print_clustered_alerts()
      : <a class="el" href="group__cluster.html#ga7d151880080470b542e99643dc0426a7">cluster.c</a>
    </li>
    <li>_AI_stream_free()
      : <a class="el" href="group__stream.html#ga80016adf701c717a6ebfb5b15b8a5749">stream.c</a>
    </li>
    <li>_heuristic_func()
      : <a class="el" href="group__cluster.html#ga81f5fa721719fdb281595a568eef2101">cluster.c</a>
    </li>
    <li>_hierarchy_node_append()
      : <a class="el" href="group__cluster.html#ga5601a1f603d9c870ef6e2df192e30c30">cluster.c</a>
    </li>
    <li>_hierarchy_node_new()
      : <a class="el" href="group__cluster.html#ga2f1a22cfea64e4669da0467620c3e3b3">cluster.c</a>
    </li>
  </ul>

  <h3><a class="anchor" id="index_a"></a>- a -</h3>
  <ul>
    <li>AI_alert_correlation_thread()
      : <a class="el" href="group__correlation.html#ga939353a4e15de7a8f4145ab986f584be">correlation.c</a>
      , <a class="el" href="group__correlation.html#ga939353a4e15de7a8f4145ab986f584be">spp_ai.h</a>
    </li>
    <li>AI_file_alertparser_thread()
      : <a class="el" href="group__alert__parser.html#ga5aab8d9bdf0e92a51731442fd787f61f">spp_ai.h</a>
      , <a class="el" href="group__alert__parser.html#ga5aab8d9bdf0e92a51731442fd787f61f">alert_parser.c</a>
    </li>
    <li>AI_free_alerts()
      : <a class="el" href="group__alert__parser.html#ga270e86669a0aa64a8da37bc16cda645b">alert_parser.c</a>
      , <a class="el" href="group__alert__parser.html#ga270e86669a0aa64a8da37bc16cda645b">spp_ai.h</a>
    </li>
    <li>AI_get_alerts()
      : <a class="el" href="group__alert__parser.html#ga99474495643197b3075ac22ec6f6c70f">spp_ai.h</a>
      , <a class="el" href="group__alert__parser.html#ga99474495643197b3075ac22ec6f6c70f">alert_parser.c</a>
    </li>
    <li>AI_get_clustered_alerts()
      : <a class="el" href="group__cluster.html#ga2553c678eeb83282c230d649a0e8fcd4">cluster.c</a>
      , <a class="el" href="group__cluster.html#ga2553c678eeb83282c230d649a0e8fcd4">spp_ai.h</a>
    </li>
    <li>AI_get_stream_by_key()
      : <a class="el" href="group__stream.html#ga2efedcabbfd12c5345f0c93a3dd4735c">spp_ai.h</a>
      , <a class="el" href="group__stream.html#ga2efedcabbfd12c5345f0c93a3dd4735c">stream.c</a>
    </li>
    <li>AI_hashcleanup_thread()
      : <a class="el" href="group__stream.html#ga24b1131374e5059564b8a12380c4eb75">spp_ai.h</a>
      , <a class="el" href="group__stream.html#ga24b1131374e5059564b8a12380c4eb75">stream.c</a>
    </li>
    <li>AI_hierarchies_build()
      : <a class="el" href="group__cluster.html#ga1445818b37483f78cc3fb2890155842c">spp_ai.h</a>
      , <a class="el" href="group__cluster.html#ga1445818b37483f78cc3fb2890155842c">cluster.c</a>
    </li>
    <li>AI_init()
      : <a class="el" href="group__spp__ai.html#ga3524cbdf8fddbcf38c4ed55241002242">spp_ai.c</a>
    </li>
    <li>AI_parse()
      : <a class="el" href="group__spp__ai.html#gae1c5c4b38ee2819d427848eb3046373e">spp_ai.c</a>
    </li>
    <li>AI_pkt_enqueue()
      : <a class="el" href="group__stream.html#ga7d71c5645b9baff7b6c4b9a181bf80c5">stream.c</a>
      , <a class="el" href="group__stream.html#ga7d71c5645b9baff7b6c4b9a181bf80c5">spp_ai.h</a>
    </li>
    <li>AI_process()
      : <a class="el" href="group__spp__ai.html#ga57c05cda012c443cb4c358dc327cd3d1">spp_ai.c</a>
    </li>
    <li>AI_set_stream_observed()
      : <a class="el" href="group__stream.html#ga8749989cee2ac05a7de058faac280c02">stream.c</a>
      , <a class="el" href="group__stream.html#ga8749989cee2ac05a7de058faac280c02">spp_ai.h</a>
    </li>
    <li>AI_setup()
      : <a class="el" href="group__spp__ai.html#ga1b9ebb5c719c7d9426ddfc1f3da36570">spp_ai.c</a>
      , <a class="el" href="group__spp__ai.html#ga1b9ebb5c719c7d9426ddfc1f3da36570">sf_preproc_info.h</a>
    </li>
  </ul>

  <h3><a class="anchor" id="index_p"></a>- p -</h3>
  <ul>
    <li>preg_match()
      : <a class="el" href="group__regex.html#ga35f57c052a7de1ded54b67a1f7819791">regex.c</a>
      , <a class="el" href="group__regex.html#ga35f57c052a7de1ded54b67a1f7819791">spp_ai.h</a>
    </li>
  </ul>

  <h3><a class="anchor" id="index_s"></a>- s -</h3>
  <ul>
    <li>str_replace()
      : <a class="el" href="group__regex.html#ga736ba1abdc4938cbb1bf5861e7dbfd50">regex.c</a>
      , <a class="el" href="group__regex.html#ga736ba1abdc4938cbb1bf5861e7dbfd50">spp_ai.h</a>
    </li>
    <li>str_replace_all()
      : <a class="el" href="group__regex.html#gaff6c55cd04fc08dd582e244590dc25a4">regex.c</a>
      , <a class="el" href="group__regex.html#gaff6c55cd04fc08dd582e244590dc25a4">spp_ai.h</a>
    </li>
  </ul>
</div>
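<!-- window showing the filter options -->
<!--
  Each SelectItem link uses href="javascript:void(0)" with an inline onclick
  that passes the category index (0 = All ... 8 = Defines) to
  searchBox.OnSelectItem; the links do nothing where inline script is blocked.
  The links are kept adjacent, with no whitespace between them, exactly as
  generated. The SelectionMark placeholder is written as an explicit
  non-breaking space (&#160;).
  NOTE(review): the scraped copy shows a bare space there; confirm against the
  generated file.
-->
<div id="MSearchSelectWindow"
     onmouseover="return searchBox.OnSearchSelectShow()"
     onmouseout="return searchBox.OnSearchSelectHide()"
     onkeydown="return searchBox.OnSearchSelectKey(event)">
<a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(0)"><span class="SelectionMark">&#160;</span>All</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(1)"><span class="SelectionMark">&#160;</span>Data Structures</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(2)"><span class="SelectionMark">&#160;</span>Files</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(3)"><span class="SelectionMark">&#160;</span>Functions</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(4)"><span class="SelectionMark">&#160;</span>Variables</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(5)"><span class="SelectionMark">&#160;</span>Typedefs</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(6)"><span class="SelectionMark">&#160;</span>Enumerations</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(7)"><span class="SelectionMark">&#160;</span>Enumerator</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(8)"><span class="SelectionMark">&#160;</span>Defines</a></div>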
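<!-- iframe showing the search results (closed by default) -->
<!--
  The frame starts with an empty src and is addressed by name/id
  "MSearchResults"; a title is added so assistive technology can announce it.
  NOTE(review): no sandbox attribute is set. The frame is presumably filled by
  search/search.js with result pages from this same documentation set; if the
  docs are ever hosted next to untrusted content, check whether a sandbox with
  only the tokens the result pages need can be added without breaking search.
-->
<div id="MSearchResultsWindow">
<iframe src="" frameborder="0" title="Search results"
        name="MSearchResults" id="MSearchResults">
</iframe>
</div>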
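<!-- Generator footer. The only off-site link on the page; it now uses https instead of plain http. -->
<hr class="footer"/><address class="footer"><small>Generated on Sat Sep 11 2010 12:45:18 for Snort AI preprocessor module by
<a href="https://www.doxygen.org/index.html">
<img class="footer" src="doxygen.png" alt="doxygen"/></a> 1.7.1 </small></address>
</body>
</html>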