Data Structures |
| struct | attribute_key |
| struct | attribute_value |
Functions |
| PRIVATE int | _heuristic_func (cluster_type type) |
| | Function that picks up the heuristic value for a clustering attribute in according to Julisch's heuristic (ACM, Vol.2, No.3, 09 2002, pag.124).
|
| PRIVATE hierarchy_node * | _hierarchy_node_new (char *label, int min_val, int max_val) |
| | Create a new clustering hierarchy node.
|
| PRIVATE void | _hierarchy_node_append (hierarchy_node *parent, hierarchy_node *child) |
| | Append a node to a clustering hierarchy node.
|
| PRIVATE hierarchy_node * | _AI_get_min_hierarchy_node (int val, hierarchy_node *root) |
| | Get the minimum node in a hierarchy tree that matches a certain value.
|
| PRIVATE BOOL | _AI_equal_alarms (AI_snort_alert *a1, AI_snort_alert *a2) |
| | Check if two alerts are semantically equal.
|
| PRIVATE int | _AI_merge_alerts (AI_snort_alert **log) |
| | Merge the alerts marked as equal in the log.
|
| PRIVATE void | _AI_print_clustered_alerts (AI_snort_alert *log, FILE *fp) |
| | Print the clustered alerts to a log file.
|
| PRIVATE void * | _AI_cluster_thread (void *arg) |
| | Thread for periodically clustering the log information.
|
| PRIVATE BOOL | _AI_check_duplicate (hierarchy_node *node, hierarchy_node *root) |
| | Check if a certain node's range (minimum and maximum value) are already present in a clustering hierarchy.
|
| void | AI_hierarchies_build (AI_config *conf, hierarchy_node **nodes, int n_nodes) |
| | Build the clustering hierarchy trees.
|
| PRIVATE AI_snort_alert * | _AI_copy_clustered_alerts (AI_snort_alert *node) |
| | Return a copy of the clustered alerts.
|
| AI_snort_alert * | AI_get_clustered_alerts () |
| | Return the alerts parsed so far as a linked list.
|
Variables |
| PRIVATE hierarchy_node * | h_root [CLUSTER_TYPES] = { NULL } |
| PRIVATE AI_config * | _config = NULL |
| PRIVATE AI_snort_alert * | alert_log = NULL |
| PRIVATE BOOL | lock_flag = false |
1.7.1