Snort_AIPreproc/TODO
2010-09-20 14:39:08 +02:00

24 lines
528 B
Text

======================
AVERAGE/HIGH PRIORITY:
======================
- Testing more scenarios, making more hyperalert models
- Bayesian learning among alerts in alert log
- libgc support
=============
LOW PRIORITY:
=============
- Managing clusters for addresses, timestamps (and more?)
=====
DONE:
=====
+ PostgreSQL support
+ Regex comp cache
+ Managing hyperalert graph connection inside the alert structure itself
+ Keeping track of all the streams and alerts even after clustered
+ Dynamic cluster_min_size algorithm