<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<title>Snort AI preprocessor module: cluster.c File Reference</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<link href="search/search.css" rel="stylesheet" type="text/css"/>
<script type="text/javaScript" src="search/search.js"></script>
<link href="doxygen.css" rel="stylesheet" type="text/css"/>
</head>
<body onload='searchBox.OnSelectItem(0);'>
<!-- Generated by Doxygen 1.7.1 -->
<script type="text/javascript"><!--
var searchBox = new SearchBox("searchBox", "search",false,'Search');
--></script>
<div class="navigation" id="top">
<div class="tabs">
<ul class="tablist">
<li><a href="index.html"><span>Main Page</span></a></li>
<li><a href="modules.html"><span>Modules</span></a></li>
<li><a href="annotated.html"><span>Data Structures</span></a></li>
<li class="current"><a href="files.html"><span>Files</span></a></li>
<li id="searchli">
<div id="MSearchBox" class="MSearchBoxInactive">
<span class="left">
<img id="MSearchSelect" src="search/mag_sel.png"
onmouseover="return searchBox.OnSearchSelectShow()"
onmouseout="return searchBox.OnSearchSelectHide()"
alt=""/>
<input type="text" id="MSearchField" value="Search" accesskey="S"
onfocus="searchBox.OnSearchFieldFocus(true)"
onblur="searchBox.OnSearchFieldFocus(false)"
onkeyup="searchBox.OnSearchFieldChange(event)"/>
</span><span class="right">
<a id="MSearchClose" href="javascript:searchBox.CloseResultsWindow()"><img id="MSearchCloseImg" border="0" src="search/close.png" alt=""/></a>
</span>
</div>
</li>
</ul>
</div>
<div class="tabs2">
<ul class="tablist">
<li><a href="files.html"><span>File List</span></a></li>
<li><a href="globals.html"><span>Globals</span></a></li>
</ul>
</div>
</div>
<div class="header">
<div class="summary">
<a href="#nested-classes">Data Structures</a> |
<a href="#func-members">Functions</a> |
<a href="#var-members">Variables</a> </div>
<div class="headertitle">
<h1>cluster.c File Reference</h1> </div>
</div>
<div class="contents">
<code>#include "<a class="el" href="spp__ai_8h_source.html">spp_ai.h</a>"</code><br/>
<code>#include <stdio.h></code><br/>
<code>#include <unistd.h></code><br/>
<code>#include <limits.h></code><br/>
<code>#include <pthread.h></code><br/>
<table class="memberdecls">
<tr><td colspan="2"><h2><a name="nested-classes"></a>
Data Structures</h2></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">struct </td><td class="memItemRight" valign="bottom"><a class="el" href="structattribute__key.html">attribute_key</a></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">struct </td><td class="memItemRight" valign="bottom"><a class="el" href="structattribute__value.html">attribute_value</a></td></tr>
<tr><td colspan="2"><h2><a name="func-members"></a>
Functions</h2></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__cluster.html#ga81f5fa721719fdb281595a568eef2101">_heuristic_func</a> (<a class="el" href="spp__ai_8h.html#ae2ff3c6586aa2ab211a102abfde86640">cluster_type</a> type)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Function that picks up the heuristic value for a clustering attribute in according to Julisch's heuristic (ACM, Vol.2, No.3, 09 2002, pag.124). <a href="group__cluster.html#ga81f5fa721719fdb281595a568eef2101"></a><br/></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE <a class="el" href="struct__hierarchy__node.html">hierarchy_node</a> * </td><td class="memItemRight" valign="bottom"><a class="el" href="group__cluster.html#ga2f1a22cfea64e4669da0467620c3e3b3">_hierarchy_node_new</a> (char *label, int min_val, int max_val)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Create a new clustering hierarchy node. <a href="group__cluster.html#ga2f1a22cfea64e4669da0467620c3e3b3"></a><br/></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__cluster.html#ga5601a1f603d9c870ef6e2df192e30c30">_hierarchy_node_append</a> (<a class="el" href="struct__hierarchy__node.html">hierarchy_node</a> *parent, <a class="el" href="struct__hierarchy__node.html">hierarchy_node</a> *child)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Append a node to a clustering hierarchy node. <a href="group__cluster.html#ga5601a1f603d9c870ef6e2df192e30c30"></a><br/></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE <a class="el" href="struct__hierarchy__node.html">hierarchy_node</a> * </td><td class="memItemRight" valign="bottom"><a class="el" href="group__cluster.html#ga6ddddcd505b1f763c339e81fc143e079">_AI_get_min_hierarchy_node</a> (int val, <a class="el" href="struct__hierarchy__node.html">hierarchy_node</a> *root)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Get the minimum node in a hierarchy tree that matches a certain value. <a href="group__cluster.html#ga6ddddcd505b1f763c339e81fc143e079"></a><br/></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE <a class="el" href="spp__ai_8h.html#a3e5b8192e7d9ffaf3542f1210aec18dd">BOOL</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__cluster.html#ga0f91c8bfc37a3975f5c26b19fd6c5cba">_AI_equal_alarms</a> (<a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a> *a1, <a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a> *a2)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Check if two alerts are semantically equal. <a href="group__cluster.html#ga0f91c8bfc37a3975f5c26b19fd6c5cba"></a><br/></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__cluster.html#ga8ce8e5a5d8954672297fa2dedb380dcd">_AI_merge_alerts</a> (<a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a> **log)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Merge the alerts marked as equal in the log. <a href="group__cluster.html#ga8ce8e5a5d8954672297fa2dedb380dcd"></a><br/></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__cluster.html#ga7d151880080470b542e99643dc0426a7">_AI_print_clustered_alerts</a> (<a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a> *log, FILE *fp)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Print the clustered alerts to a log file. <a href="group__cluster.html#ga7d151880080470b542e99643dc0426a7"></a><br/></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE void * </td><td class="memItemRight" valign="bottom"><a class="el" href="group__cluster.html#ga8a5eae61dc9fd0f13e0acdfa5f4478e2">_AI_cluster_thread</a> (void *arg)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Thread for periodically clustering the log information. <a href="group__cluster.html#ga8a5eae61dc9fd0f13e0acdfa5f4478e2"></a><br/></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE <a class="el" href="spp__ai_8h.html#a3e5b8192e7d9ffaf3542f1210aec18dd">BOOL</a> </td><td class="memItemRight" valign="bottom"><a class="el" href="group__cluster.html#ga29c35cd6c56f54e27b5b190c6d6c487a">_AI_check_duplicate</a> (<a class="el" href="struct__hierarchy__node.html">hierarchy_node</a> *node, <a class="el" href="struct__hierarchy__node.html">hierarchy_node</a> *root)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Check if a certain node's range (minimum and maximum value) are already present in a clustering hierarchy. <a href="group__cluster.html#ga29c35cd6c56f54e27b5b190c6d6c487a"></a><br/></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">void </td><td class="memItemRight" valign="bottom"><a class="el" href="group__cluster.html#ga1445818b37483f78cc3fb2890155842c">AI_hierarchies_build</a> (<a class="el" href="structAI__config.html">AI_config</a> *conf, <a class="el" href="struct__hierarchy__node.html">hierarchy_node</a> **nodes, int n_nodes)</td></tr>
<tr><td class="mdescLeft"> </td><td class="mdescRight">Build the clustering hierarchy trees. <a href="group__cluster.html#ga1445818b37483f78cc3fb2890155842c"></a><br/></td></tr>
<tr><td colspan="2"><h2><a name="var-members"></a>
Variables</h2></td></tr>
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE <a class="el" href="struct__hierarchy__node.html">hierarchy_node</a> * </td><td class="memItemRight" valign="bottom"><a class="el" href="group__cluster.html#ga97d35425cf5a0207fb50b64ee8cdda82">h_root</a> [CLUSTER_TYPES] = { NULL }</td></tr>
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE <a class="el" href="structAI__config.html">AI_config</a> * </td><td class="memItemRight" valign="bottom"><a class="el" href="group__cluster.html#ga91458e2d34595688e39fcb63ba418849">_config</a> = NULL</td></tr>
<tr><td class="memItemLeft" align="right" valign="top">PRIVATE <a class="el" href="struct__AI__snort__alert.html">AI_snort_alert</a> * </td><td class="memItemRight" valign="bottom"><a class="el" href="group__cluster.html#gaaf4c19f60f48741b0890c6114dcff7d9">alert_log</a> = NULL</td></tr>
</table>
</div>
<!--- window showing the filter options -->
<div id="MSearchSelectWindow"
onmouseover="return searchBox.OnSearchSelectShow()"
onmouseout="return searchBox.OnSearchSelectHide()"
onkeydown="return searchBox.OnSearchSelectKey(event)">
<a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(0)"><span class="SelectionMark"> </span>All</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(1)"><span class="SelectionMark"> </span>Data Structures</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(2)"><span class="SelectionMark"> </span>Files</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(3)"><span class="SelectionMark"> </span>Functions</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(4)"><span class="SelectionMark"> </span>Variables</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(5)"><span class="SelectionMark"> </span>Typedefs</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(6)"><span class="SelectionMark"> </span>Enumerations</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(7)"><span class="SelectionMark"> </span>Enumerator</a><a class="SelectItem" href="javascript:void(0)" onclick="searchBox.OnSelectItem(8)"><span class="SelectionMark"> </span>Defines</a></div>
<!-- iframe showing the search results (closed by default) -->
<div id="MSearchResultsWindow">
<iframe src="" frameborder="0"
name="MSearchResults" id="MSearchResults">
</iframe>
</div>
<hr class="footer"/><address class="footer"><small>Generated on Sat Sep 4 2010 21:30:42 for Snort AI preprocessor module by
<a href="http://www.doxygen.org/index.html">
<img class="footer" src="doxygen.png" alt="doxygen"/></a> 1.7.1 </small></address>
</body>
</html>