Snort_AIPreproc/TODO

======================
AVERAGE/HIGH PRIORITY:
======================

- Testing more scenarios, making more hyperalert models

=============
LOW PRIORITY:
=============

- Managing clusters for addresses, timestamps (and more?)
- libgc support

=====
DONE:
=====

+ PostgreSQL support
+ Regex comp cache
+ Managing hyperalert graph connection inside the alert structure itself
+ Keeping track of all the streams and alerts even after clustered
+ Dynamic cluster_min_size algorithm
+ Add alerts' history serialization to db.c as well
+ Bayesian learning among alerts in alert log
Grouped alert info inside the cluster, better graph management in hyperalerts 2010-09-16 23:21:38 +02:00			`======================`
			`AVERAGE/HIGH PRIORITY:`
			`======================`

			`- Testing more scenarios, making more hyperalert models`

			`=============`
			`LOW PRIORITY:`
			`=============`
Sept 11 2010 commit 2010-09-11 12:45:30 +02:00
First commit for spp_ai 2010-08-14 14:30:41 +02:00			`- Managing clusters for addresses, timestamps (and more?)`
Bayesian correlation now working 2010-09-23 21:57:20 +02:00			`- libgc support`
First commit for spp_ai 2010-08-14 14:30:41 +02:00
Grouped alert info inside the cluster, better graph management in hyperalerts 2010-09-16 23:21:38 +02:00			`=====`
			`DONE:`
			`=====`

			`+ PostgreSQL support`
			`+ Regex comp cache`
			`+ Managing hyperalert graph connection inside the alert structure itself`
			`+ Keeping track of all the streams and alerts even after clustered`
Clustering now improved 2010-09-18 16:42:11 +02:00			`+ Dynamic cluster_min_size algorithm`
Bayesian correlation now working 2010-09-23 21:57:20 +02:00			`+ Add alerts' history serialization to db.c as well`
			`+ Bayesian learning among alerts in alert log`
Grouped alert info inside the cluster, better graph management in hyperalerts 2010-09-16 23:21:38 +02:00