\hypertarget{spp__ai_8h}{ \section{spp\_\-ai.h File Reference} \label{spp__ai_8h}\index{spp\_\-ai.h@{spp\_\-ai.h}} } {\ttfamily \#include \char`\"{}sf\_\-snort\_\-packet.h\char`\"{}}\par {\ttfamily \#include \char`\"{}sf\_\-dynamic\_\-preprocessor.h\char`\"{}}\par {\ttfamily \#include \char`\"{}uthash.h\char`\"{}}\par \subsection*{Data Structures} \begin{DoxyCompactItemize} \item struct \hyperlink{structpkt__key}{pkt\_\-key} \item struct \hyperlink{structpkt__info}{pkt\_\-info} \item struct \hyperlink{structAI__config}{AI\_\-config} \item struct \hyperlink{struct__hierarchy__node}{\_\-hierarchy\_\-node} \item struct \hyperlink{struct__AI__snort__alert}{\_\-AI\_\-snort\_\-alert} \end{DoxyCompactItemize} \subsection*{Defines} \begin{DoxyCompactItemize} \item \#define \hyperlink{spp__ai_8h_a5e151c615eda34903514212f05a5ccf8}{PRIVATE}~static \item \#define \hyperlink{spp__ai_8h_a5f555c0ebd29ce2771a3e2dd4f526746}{DEFAULT\_\-HASH\_\-CLEANUP\_\-INTERVAL}~300 \item \#define \hyperlink{spp__ai_8h_a0f6a189af15ef783fb46ed37c144e031}{DEFAULT\_\-STREAM\_\-EXPIRE\_\-INTERVAL}~300 \item \#define \hyperlink{spp__ai_8h_a3c4984a0ee515fbc091ac6e33b05e310}{DEFAULT\_\-DATABASE\_\-INTERVAL}~30 \item \#define \hyperlink{spp__ai_8h_a0c4b6fce670e46083e33b9f53b78f39e}{DEFAULT\_\-ALERT\_\-CLUSTERING\_\-INTERVAL}~3600 \item \#define \hyperlink{spp__ai_8h_a6d9bf552c32371e0144dc6a6209c7e4a}{DEFAULT\_\-ALERT\_\-LOG\_\-FILE}~\char`\"{}/var/log/snort/alert\char`\"{} \item \#define \hyperlink{spp__ai_8h_a803dc913297ccdace9e604dbfecda97d}{DEFAULT\_\-CLUSTER\_\-LOG\_\-FILE}~\char`\"{}/var/log/snort/cluster\_\-alert\char`\"{} \end{DoxyCompactItemize} \subsection*{Typedefs} \begin{DoxyCompactItemize} \item typedef unsigned char \hyperlink{spp__ai_8h_aba7bc1797add20fe3efdf37ced1182c5}{uint8\_\-t} \item typedef unsigned short \hyperlink{spp__ai_8h_a273cf69d639a59973b6019625df33e30}{uint16\_\-t} \item typedef unsigned int \hyperlink{spp__ai_8h_a435d1572bf3f880d55459d9805097f62}{uint32\_\-t} \item typedef struct \hyperlink{struct__hierarchy__node}{\_\-hierarchy\_\-node} \hyperlink{spp__ai_8h_a466391129919ef12366d311d501552fa}{hierarchy\_\-node} \item typedef struct \hyperlink{struct__AI__snort__alert}{\_\-AI\_\-snort\_\-alert} \hyperlink{spp__ai_8h_a982be90e72362e88d09f28336c9a1897}{AI\_\-snort\_\-alert} \end{DoxyCompactItemize} \subsection*{Enumerations} \begin{DoxyCompactItemize} \item enum \hyperlink{spp__ai_8h_a3e5b8192e7d9ffaf3542f1210aec18dd}{BOOL} \{ \hyperlink{spp__ai_8h_a3e5b8192e7d9ffaf3542f1210aec18ddae9de385ef6fe9bf3360d1038396b884c}{false}, \hyperlink{spp__ai_8h_a3e5b8192e7d9ffaf3542f1210aec18dda08f175a5505a10b9ed657defeb050e4b}{true} \} \item enum \hyperlink{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640}{cluster\_\-type} \{ \par \hyperlink{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640ab7e4e0120a041dbe6528b050c04269e0}{none}, \hyperlink{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640abc900639df18f0f5f2f63a1f033fe42f}{src\_\-addr}, \hyperlink{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640aa000f955ef1374c60cdb16bf43a1593c}{dst\_\-addr}, \hyperlink{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640ac1335c508143eb06843af2ce5ff3027b}{src\_\-port}, \par \hyperlink{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640abc4f89a184ada44073bd6f54d7fc11c9}{dst\_\-port}, \hyperlink{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640ab16bb5c4b330d5db02e2d852cd2ba451}{CLUSTER\_\-TYPES} \} \end{DoxyCompactItemize} \subsection*{Functions} \begin{DoxyCompactItemize} \item int \hyperlink{group__regex_ga35f57c052a7de1ded54b67a1f7819791}{preg\_\-match} (const char $\ast$, char $\ast$, char $\ast$$\ast$$\ast$, int $\ast$) \begin{DoxyCompactList}\small\item\em Check if a string matches a regular expression. \item\end{DoxyCompactList}\item void $\ast$ \hyperlink{group__stream_ga24b1131374e5059564b8a12380c4eb75}{AI\_\-hashcleanup\_\-thread} (void $\ast$) \begin{DoxyCompactList}\small\item\em Thread called for cleaning up the hash table from the traffic streams older than a certain threshold. \item\end{DoxyCompactList}\item void $\ast$ \hyperlink{group__alert__parser_ga5aab8d9bdf0e92a51731442fd787f61f}{AI\_\-file\_\-alertparser\_\-thread} (void $\ast$) \begin{DoxyCompactList}\small\item\em Thread for parsing Snort's alert file. \item\end{DoxyCompactList}\item void \hyperlink{group__stream_ga7d71c5645b9baff7b6c4b9a181bf80c5}{AI\_\-pkt\_\-enqueue} (SFSnortPacket $\ast$) \begin{DoxyCompactList}\small\item\em Function called for appending a new packet to the hash table, creating a new stream or appending it to an existing stream. \item\end{DoxyCompactList}\item void \hyperlink{group__stream_ga8749989cee2ac05a7de058faac280c02}{AI\_\-set\_\-stream\_\-observed} (struct \hyperlink{structpkt__key}{pkt\_\-key} key) \begin{DoxyCompactList}\small\item\em Set the flag \char`\"{}observed\char`\"{} on a stream associated to a security alert, so that it won't be removed from the hash table. \item\end{DoxyCompactList}\item void \hyperlink{group__cluster_ga1445818b37483f78cc3fb2890155842c}{AI\_\-hierarchies\_\-build} (\hyperlink{structAI__config}{AI\_\-config} $\ast$, \hyperlink{struct__hierarchy__node}{hierarchy\_\-node} $\ast$$\ast$, int) \begin{DoxyCompactList}\small\item\em Build the clustering hierarchy trees. \item\end{DoxyCompactList}\item struct \hyperlink{structpkt__info}{pkt\_\-info} $\ast$ \hyperlink{group__stream_ga2efedcabbfd12c5345f0c93a3dd4735c}{AI\_\-get\_\-stream\_\-by\_\-key} (struct \hyperlink{structpkt__key}{pkt\_\-key}) \begin{DoxyCompactList}\small\item\em Get a TCP stream by key. \item\end{DoxyCompactList}\item \hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$ \hyperlink{group__alert__parser_ga99474495643197b3075ac22ec6f6c70f}{AI\_\-get\_\-alerts} (void) \begin{DoxyCompactList}\small\item\em Return the alerts parsed so far as a linked list. \item\end{DoxyCompactList}\item void \hyperlink{group__alert__parser_ga270e86669a0aa64a8da37bc16cda645b}{AI\_\-free\_\-alerts} (\hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$node) \begin{DoxyCompactList}\small\item\em Deallocate the memory of a log alert linked list. \item\end{DoxyCompactList}\end{DoxyCompactItemize} \subsection*{Variables} \begin{DoxyCompactItemize} \item DynamicPreprocessorData \hyperlink{spp__ai_8h_ab46420126c43c1aac5eabc5db266a71c}{\_\-dpd} \item \hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$($\ast$ \hyperlink{spp__ai_8h_ab184b676360ce03035801284a2bd1ea7}{get\_\-alerts} )(void) \end{DoxyCompactItemize} \subsection{Define Documentation} \hypertarget{spp__ai_8h_a0c4b6fce670e46083e33b9f53b78f39e}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!DEFAULT\_\-ALERT\_\-CLUSTERING\_\-INTERVAL@{DEFAULT\_\-ALERT\_\-CLUSTERING\_\-INTERVAL}} \index{DEFAULT\_\-ALERT\_\-CLUSTERING\_\-INTERVAL@{DEFAULT\_\-ALERT\_\-CLUSTERING\_\-INTERVAL}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{DEFAULT\_\-ALERT\_\-CLUSTERING\_\-INTERVAL}]{\setlength{\rightskip}{0pt plus 5cm}\#define DEFAULT\_\-ALERT\_\-CLUSTERING\_\-INTERVAL~3600}} \label{spp__ai_8h_a0c4b6fce670e46083e33b9f53b78f39e} Default interval in seconds for the thread clustering alerts \hypertarget{spp__ai_8h_a6d9bf552c32371e0144dc6a6209c7e4a}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!DEFAULT\_\-ALERT\_\-LOG\_\-FILE@{DEFAULT\_\-ALERT\_\-LOG\_\-FILE}} \index{DEFAULT\_\-ALERT\_\-LOG\_\-FILE@{DEFAULT\_\-ALERT\_\-LOG\_\-FILE}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{DEFAULT\_\-ALERT\_\-LOG\_\-FILE}]{\setlength{\rightskip}{0pt plus 5cm}\#define DEFAULT\_\-ALERT\_\-LOG\_\-FILE~\char`\"{}/var/log/snort/alert\char`\"{}}} \label{spp__ai_8h_a6d9bf552c32371e0144dc6a6209c7e4a} Default path to Snort's log file \hypertarget{spp__ai_8h_a803dc913297ccdace9e604dbfecda97d}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!DEFAULT\_\-CLUSTER\_\-LOG\_\-FILE@{DEFAULT\_\-CLUSTER\_\-LOG\_\-FILE}} \index{DEFAULT\_\-CLUSTER\_\-LOG\_\-FILE@{DEFAULT\_\-CLUSTER\_\-LOG\_\-FILE}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{DEFAULT\_\-CLUSTER\_\-LOG\_\-FILE}]{\setlength{\rightskip}{0pt plus 5cm}\#define DEFAULT\_\-CLUSTER\_\-LOG\_\-FILE~\char`\"{}/var/log/snort/cluster\_\-alert\char`\"{}}} \label{spp__ai_8h_a803dc913297ccdace9e604dbfecda97d} Default path to Snort's clustered alerts file \hypertarget{spp__ai_8h_a3c4984a0ee515fbc091ac6e33b05e310}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!DEFAULT\_\-DATABASE\_\-INTERVAL@{DEFAULT\_\-DATABASE\_\-INTERVAL}} \index{DEFAULT\_\-DATABASE\_\-INTERVAL@{DEFAULT\_\-DATABASE\_\-INTERVAL}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{DEFAULT\_\-DATABASE\_\-INTERVAL}]{\setlength{\rightskip}{0pt plus 5cm}\#define DEFAULT\_\-DATABASE\_\-INTERVAL~30}} \label{spp__ai_8h_a3c4984a0ee515fbc091ac6e33b05e310} Default interval in seconds for reading alerts from the alert database, if used \hypertarget{spp__ai_8h_a5f555c0ebd29ce2771a3e2dd4f526746}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!DEFAULT\_\-HASH\_\-CLEANUP\_\-INTERVAL@{DEFAULT\_\-HASH\_\-CLEANUP\_\-INTERVAL}} \index{DEFAULT\_\-HASH\_\-CLEANUP\_\-INTERVAL@{DEFAULT\_\-HASH\_\-CLEANUP\_\-INTERVAL}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{DEFAULT\_\-HASH\_\-CLEANUP\_\-INTERVAL}]{\setlength{\rightskip}{0pt plus 5cm}\#define DEFAULT\_\-HASH\_\-CLEANUP\_\-INTERVAL~300}} \label{spp__ai_8h_a5f555c0ebd29ce2771a3e2dd4f526746} Default interval in seconds for the thread cleaning up TCP streams \hypertarget{spp__ai_8h_a0f6a189af15ef783fb46ed37c144e031}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!DEFAULT\_\-STREAM\_\-EXPIRE\_\-INTERVAL@{DEFAULT\_\-STREAM\_\-EXPIRE\_\-INTERVAL}} \index{DEFAULT\_\-STREAM\_\-EXPIRE\_\-INTERVAL@{DEFAULT\_\-STREAM\_\-EXPIRE\_\-INTERVAL}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{DEFAULT\_\-STREAM\_\-EXPIRE\_\-INTERVAL}]{\setlength{\rightskip}{0pt plus 5cm}\#define DEFAULT\_\-STREAM\_\-EXPIRE\_\-INTERVAL~300}} \label{spp__ai_8h_a0f6a189af15ef783fb46ed37c144e031} Default interval in seconds before a stream without any packet is considered timed out \hypertarget{spp__ai_8h_a5e151c615eda34903514212f05a5ccf8}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!PRIVATE@{PRIVATE}} \index{PRIVATE@{PRIVATE}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{PRIVATE}]{\setlength{\rightskip}{0pt plus 5cm}\#define PRIVATE~static}} \label{spp__ai_8h_a5e151c615eda34903514212f05a5ccf8} \subsection{Typedef Documentation} \hypertarget{spp__ai_8h_a982be90e72362e88d09f28336c9a1897}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!AI\_\-snort\_\-alert@{AI\_\-snort\_\-alert}} \index{AI\_\-snort\_\-alert@{AI\_\-snort\_\-alert}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{AI\_\-snort\_\-alert}]{\setlength{\rightskip}{0pt plus 5cm}typedef struct {\bf \_\-AI\_\-snort\_\-alert} {\bf AI\_\-snort\_\-alert}}} \label{spp__ai_8h_a982be90e72362e88d09f28336c9a1897} Data type for Snort alerts \hypertarget{spp__ai_8h_a466391129919ef12366d311d501552fa}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!hierarchy\_\-node@{hierarchy\_\-node}} \index{hierarchy\_\-node@{hierarchy\_\-node}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{hierarchy\_\-node}]{\setlength{\rightskip}{0pt plus 5cm}typedef struct {\bf \_\-hierarchy\_\-node} {\bf hierarchy\_\-node}}} \label{spp__ai_8h_a466391129919ef12366d311d501552fa} \hypertarget{spp__ai_8h_a273cf69d639a59973b6019625df33e30}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!uint16\_\-t@{uint16\_\-t}} \index{uint16\_\-t@{uint16\_\-t}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{uint16\_\-t}]{\setlength{\rightskip}{0pt plus 5cm}typedef unsigned short {\bf uint16\_\-t}}} \label{spp__ai_8h_a273cf69d639a59973b6019625df33e30} \hypertarget{spp__ai_8h_a435d1572bf3f880d55459d9805097f62}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!uint32\_\-t@{uint32\_\-t}} \index{uint32\_\-t@{uint32\_\-t}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{uint32\_\-t}]{\setlength{\rightskip}{0pt plus 5cm}typedef unsigned int {\bf uint32\_\-t}}} \label{spp__ai_8h_a435d1572bf3f880d55459d9805097f62} \hypertarget{spp__ai_8h_aba7bc1797add20fe3efdf37ced1182c5}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!uint8\_\-t@{uint8\_\-t}} \index{uint8\_\-t@{uint8\_\-t}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{uint8\_\-t}]{\setlength{\rightskip}{0pt plus 5cm}typedef unsigned char {\bf uint8\_\-t}}} \label{spp__ai_8h_aba7bc1797add20fe3efdf37ced1182c5} \subsection{Enumeration Type Documentation} \hypertarget{spp__ai_8h_a3e5b8192e7d9ffaf3542f1210aec18dd}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!BOOL@{BOOL}} \index{BOOL@{BOOL}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{BOOL}]{\setlength{\rightskip}{0pt plus 5cm}enum {\bf BOOL}}} \label{spp__ai_8h_a3e5b8192e7d9ffaf3542f1210aec18dd} \begin{Desc} \item[Enumerator: ]\par \begin{description} \index{false@{false}!spp\_\-ai.h@{spp\_\-ai.h}}\index{spp\_\-ai.h@{spp\_\-ai.h}!false@{false}}\item[{\em \hypertarget{spp__ai_8h_a3e5b8192e7d9ffaf3542f1210aec18ddae9de385ef6fe9bf3360d1038396b884c}{ false} \label{spp__ai_8h_a3e5b8192e7d9ffaf3542f1210aec18ddae9de385ef6fe9bf3360d1038396b884c} }]\index{true@{true}!spp\_\-ai.h@{spp\_\-ai.h}}\index{spp\_\-ai.h@{spp\_\-ai.h}!true@{true}}\item[{\em \hypertarget{spp__ai_8h_a3e5b8192e7d9ffaf3542f1210aec18dda08f175a5505a10b9ed657defeb050e4b}{ true} \label{spp__ai_8h_a3e5b8192e7d9ffaf3542f1210aec18dda08f175a5505a10b9ed657defeb050e4b} }]\end{description} \end{Desc} \hypertarget{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!cluster\_\-type@{cluster\_\-type}} \index{cluster\_\-type@{cluster\_\-type}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{cluster\_\-type}]{\setlength{\rightskip}{0pt plus 5cm}enum {\bf cluster\_\-type}}} \label{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640} Possible types of clustering attributes \begin{Desc} \item[Enumerator: ]\par \begin{description} \index{none@{none}!spp\_\-ai.h@{spp\_\-ai.h}}\index{spp\_\-ai.h@{spp\_\-ai.h}!none@{none}}\item[{\em \hypertarget{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640ab7e4e0120a041dbe6528b050c04269e0}{ none} \label{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640ab7e4e0120a041dbe6528b050c04269e0} }]\index{src\_\-addr@{src\_\-addr}!spp\_\-ai.h@{spp\_\-ai.h}}\index{spp\_\-ai.h@{spp\_\-ai.h}!src\_\-addr@{src\_\-addr}}\item[{\em \hypertarget{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640abc900639df18f0f5f2f63a1f033fe42f}{ src\_\-addr} \label{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640abc900639df18f0f5f2f63a1f033fe42f} }]\index{dst\_\-addr@{dst\_\-addr}!spp\_\-ai.h@{spp\_\-ai.h}}\index{spp\_\-ai.h@{spp\_\-ai.h}!dst\_\-addr@{dst\_\-addr}}\item[{\em \hypertarget{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640aa000f955ef1374c60cdb16bf43a1593c}{ dst\_\-addr} \label{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640aa000f955ef1374c60cdb16bf43a1593c} }]\index{src\_\-port@{src\_\-port}!spp\_\-ai.h@{spp\_\-ai.h}}\index{spp\_\-ai.h@{spp\_\-ai.h}!src\_\-port@{src\_\-port}}\item[{\em \hypertarget{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640ac1335c508143eb06843af2ce5ff3027b}{ src\_\-port} \label{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640ac1335c508143eb06843af2ce5ff3027b} }]\index{dst\_\-port@{dst\_\-port}!spp\_\-ai.h@{spp\_\-ai.h}}\index{spp\_\-ai.h@{spp\_\-ai.h}!dst\_\-port@{dst\_\-port}}\item[{\em \hypertarget{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640abc4f89a184ada44073bd6f54d7fc11c9}{ dst\_\-port} \label{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640abc4f89a184ada44073bd6f54d7fc11c9} }]\index{CLUSTER\_\-TYPES@{CLUSTER\_\-TYPES}!spp\_\-ai.h@{spp\_\-ai.h}}\index{spp\_\-ai.h@{spp\_\-ai.h}!CLUSTER\_\-TYPES@{CLUSTER\_\-TYPES}}\item[{\em \hypertarget{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640ab16bb5c4b330d5db02e2d852cd2ba451}{ CLUSTER\_\-TYPES} \label{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640ab16bb5c4b330d5db02e2d852cd2ba451} }]\end{description} \end{Desc} \subsection{Variable Documentation} \hypertarget{spp__ai_8h_ab46420126c43c1aac5eabc5db266a71c}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!\_\-dpd@{\_\-dpd}} \index{\_\-dpd@{\_\-dpd}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{\_\-dpd}]{\setlength{\rightskip}{0pt plus 5cm}DynamicPreprocessorData {\bf \_\-dpd}}} \label{spp__ai_8h_ab46420126c43c1aac5eabc5db266a71c} \hypertarget{spp__ai_8h_ab184b676360ce03035801284a2bd1ea7}{ \index{spp\_\-ai.h@{spp\_\-ai.h}!get\_\-alerts@{get\_\-alerts}} \index{get\_\-alerts@{get\_\-alerts}!spp_ai.h@{spp\_\-ai.h}} \subsubsection[{get\_\-alerts}]{\setlength{\rightskip}{0pt plus 5cm}{\bf AI\_\-snort\_\-alert}$\ast$($\ast$ {\bf get\_\-alerts})(void)}} \label{spp__ai_8h_ab184b676360ce03035801284a2bd1ea7} Function pointer to the function used for getting the alert list (from log file, db, ...)