mirror of
https://github.com/BlackLight/Snort_AIPreproc.git
synced 2024-11-15 05:07:15 +01:00
291 lines
16 KiB
TeX
291 lines
16 KiB
TeX
\hypertarget{group__cluster}{
|
|
\section{Manage the clustering of alarms}
|
|
\label{group__cluster}\index{Manage the clustering of alarms@{Manage the clustering of alarms}}
|
|
}
|
|
\subsection*{Data Structures}
|
|
\begin{DoxyCompactItemize}
|
|
\item
|
|
struct \hyperlink{structattribute__key}{attribute\_\-key}
|
|
\item
|
|
struct \hyperlink{structattribute__value}{attribute\_\-value}
|
|
\end{DoxyCompactItemize}
|
|
\subsection*{Functions}
|
|
\begin{DoxyCompactItemize}
|
|
\item
|
|
PRIVATE int \hyperlink{group__cluster_ga81f5fa721719fdb281595a568eef2101}{\_\-heuristic\_\-func} (\hyperlink{spp__ai_8h_ae2ff3c6586aa2ab211a102abfde86640}{cluster\_\-type} type)
|
|
\begin{DoxyCompactList}\small\item\em Function that picks up the heuristic value for a clustering attribute in according to Julisch's heuristic (ACM, Vol.2, No.3, 09 2002, pag.124). \item\end{DoxyCompactList}\item
|
|
PRIVATE \hyperlink{struct__hierarchy__node}{hierarchy\_\-node} $\ast$ \hyperlink{group__cluster_ga2f1a22cfea64e4669da0467620c3e3b3}{\_\-hierarchy\_\-node\_\-new} (char $\ast$label, int min\_\-val, int max\_\-val)
|
|
\begin{DoxyCompactList}\small\item\em Create a new clustering hierarchy node. \item\end{DoxyCompactList}\item
|
|
PRIVATE void \hyperlink{group__cluster_ga5601a1f603d9c870ef6e2df192e30c30}{\_\-hierarchy\_\-node\_\-append} (\hyperlink{struct__hierarchy__node}{hierarchy\_\-node} $\ast$parent, \hyperlink{struct__hierarchy__node}{hierarchy\_\-node} $\ast$child)
|
|
\begin{DoxyCompactList}\small\item\em Append a node to a clustering hierarchy node. \item\end{DoxyCompactList}\item
|
|
PRIVATE \hyperlink{struct__hierarchy__node}{hierarchy\_\-node} $\ast$ \hyperlink{group__cluster_ga6ddddcd505b1f763c339e81fc143e079}{\_\-AI\_\-get\_\-min\_\-hierarchy\_\-node} (int val, \hyperlink{struct__hierarchy__node}{hierarchy\_\-node} $\ast$root)
|
|
\begin{DoxyCompactList}\small\item\em Get the minimum node in a hierarchy tree that matches a certain value. \item\end{DoxyCompactList}\item
|
|
PRIVATE \hyperlink{spp__ai_8h_a3e5b8192e7d9ffaf3542f1210aec18dd}{BOOL} \hyperlink{group__cluster_ga0f91c8bfc37a3975f5c26b19fd6c5cba}{\_\-AI\_\-equal\_\-alarms} (\hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$a1, \hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$a2)
|
|
\begin{DoxyCompactList}\small\item\em Check if two alerts are semantically equal. \item\end{DoxyCompactList}\item
|
|
PRIVATE int \hyperlink{group__cluster_ga8ce8e5a5d8954672297fa2dedb380dcd}{\_\-AI\_\-merge\_\-alerts} (\hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$$\ast$log)
|
|
\begin{DoxyCompactList}\small\item\em Merge the alerts marked as equal in the log. \item\end{DoxyCompactList}\item
|
|
PRIVATE void \hyperlink{group__cluster_ga7d151880080470b542e99643dc0426a7}{\_\-AI\_\-print\_\-clustered\_\-alerts} (\hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$log, FILE $\ast$fp)
|
|
\begin{DoxyCompactList}\small\item\em Print the clustered alerts to a log file. \item\end{DoxyCompactList}\item
|
|
PRIVATE void $\ast$ \hyperlink{group__cluster_ga8a5eae61dc9fd0f13e0acdfa5f4478e2}{\_\-AI\_\-cluster\_\-thread} (void $\ast$arg)
|
|
\begin{DoxyCompactList}\small\item\em Thread for periodically clustering the log information. \item\end{DoxyCompactList}\item
|
|
PRIVATE \hyperlink{spp__ai_8h_a3e5b8192e7d9ffaf3542f1210aec18dd}{BOOL} \hyperlink{group__cluster_ga29c35cd6c56f54e27b5b190c6d6c487a}{\_\-AI\_\-check\_\-duplicate} (\hyperlink{struct__hierarchy__node}{hierarchy\_\-node} $\ast$node, \hyperlink{struct__hierarchy__node}{hierarchy\_\-node} $\ast$root)
|
|
\begin{DoxyCompactList}\small\item\em Check if a certain node's range (minimum and maximum value) are already present in a clustering hierarchy. \item\end{DoxyCompactList}\item
|
|
void \hyperlink{group__cluster_ga1445818b37483f78cc3fb2890155842c}{AI\_\-hierarchies\_\-build} (\hyperlink{structAI__config}{AI\_\-config} $\ast$\hyperlink{group__correlation_gaad7a982b6016390e7cd1164bd7db8bca}{conf}, \hyperlink{struct__hierarchy__node}{hierarchy\_\-node} $\ast$$\ast$nodes, int n\_\-nodes)
|
|
\begin{DoxyCompactList}\small\item\em Build the clustering hierarchy trees. \item\end{DoxyCompactList}\item
|
|
PRIVATE \hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$ \hyperlink{group__cluster_gab4c8ab92691e85a6f0ac4abb122712fd}{\_\-AI\_\-copy\_\-clustered\_\-alerts} (\hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$node)
|
|
\begin{DoxyCompactList}\small\item\em Return a copy of the clustered alerts. \item\end{DoxyCompactList}\item
|
|
\hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$ \hyperlink{group__cluster_ga2553c678eeb83282c230d649a0e8fcd4}{AI\_\-get\_\-clustered\_\-alerts} ()
|
|
\begin{DoxyCompactList}\small\item\em Return the alerts parsed so far as a linked list. \item\end{DoxyCompactList}\end{DoxyCompactItemize}
|
|
\subsection*{Variables}
|
|
\begin{DoxyCompactItemize}
|
|
\item
|
|
PRIVATE \hyperlink{struct__hierarchy__node}{hierarchy\_\-node} $\ast$ \hyperlink{group__cluster_ga97d35425cf5a0207fb50b64ee8cdda82}{h\_\-root} \mbox{[}CLUSTER\_\-TYPES\mbox{]} = \{ NULL \}
|
|
\item
|
|
PRIVATE \hyperlink{structAI__config}{AI\_\-config} $\ast$ \hyperlink{group__cluster_ga91458e2d34595688e39fcb63ba418849}{\_\-config} = NULL
|
|
\item
|
|
PRIVATE \hyperlink{struct__AI__snort__alert}{AI\_\-snort\_\-alert} $\ast$ \hyperlink{group__cluster_gaaf4c19f60f48741b0890c6114dcff7d9}{alert\_\-log} = NULL
|
|
\item
|
|
PRIVATE \hyperlink{spp__ai_8h_a3e5b8192e7d9ffaf3542f1210aec18dd}{BOOL} \hyperlink{group__cluster_gafebc81c042a632dc987e113b7f390274}{lock\_\-flag} = false
|
|
\end{DoxyCompactItemize}
|
|
|
|
|
|
\subsection{Function Documentation}
|
|
\hypertarget{group__cluster_ga29c35cd6c56f54e27b5b190c6d6c487a}{
|
|
\index{cluster@{cluster}!\_\-AI\_\-check\_\-duplicate@{\_\-AI\_\-check\_\-duplicate}}
|
|
\index{\_\-AI\_\-check\_\-duplicate@{\_\-AI\_\-check\_\-duplicate}!cluster@{cluster}}
|
|
\subsubsection[{\_\-AI\_\-check\_\-duplicate}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE {\bf BOOL} \_\-AI\_\-check\_\-duplicate (
|
|
\begin{DoxyParamCaption}
|
|
\item[{{\bf hierarchy\_\-node} $\ast$}]{ node, }
|
|
\item[{{\bf hierarchy\_\-node} $\ast$}]{ root}
|
|
\end{DoxyParamCaption}
|
|
)}}
|
|
\label{group__cluster_ga29c35cd6c56f54e27b5b190c6d6c487a}
|
|
|
|
|
|
Check if a certain node's range (minimum and maximum value) are already present in a clustering hierarchy.
|
|
|
|
|
|
\begin{DoxyParams}{Parameters}
|
|
\item[{\em node}]Node to be checked \item[{\em root}]Clustering hierarchy \end{DoxyParams}
|
|
\begin{DoxyReturn}{Returns}
|
|
True if 'node' is already in 'root', false otherwise
|
|
\end{DoxyReturn}
|
|
\hypertarget{group__cluster_ga8a5eae61dc9fd0f13e0acdfa5f4478e2}{
|
|
\index{cluster@{cluster}!\_\-AI\_\-cluster\_\-thread@{\_\-AI\_\-cluster\_\-thread}}
|
|
\index{\_\-AI\_\-cluster\_\-thread@{\_\-AI\_\-cluster\_\-thread}!cluster@{cluster}}
|
|
\subsubsection[{\_\-AI\_\-cluster\_\-thread}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE void$\ast$ \_\-AI\_\-cluster\_\-thread (
|
|
\begin{DoxyParamCaption}
|
|
\item[{void $\ast$}]{ arg}
|
|
\end{DoxyParamCaption}
|
|
)}}
|
|
\label{group__cluster_ga8a5eae61dc9fd0f13e0acdfa5f4478e2}
|
|
|
|
|
|
Thread for periodically clustering the log information.
|
|
|
|
\hypertarget{group__cluster_gab4c8ab92691e85a6f0ac4abb122712fd}{
|
|
\index{cluster@{cluster}!\_\-AI\_\-copy\_\-clustered\_\-alerts@{\_\-AI\_\-copy\_\-clustered\_\-alerts}}
|
|
\index{\_\-AI\_\-copy\_\-clustered\_\-alerts@{\_\-AI\_\-copy\_\-clustered\_\-alerts}!cluster@{cluster}}
|
|
\subsubsection[{\_\-AI\_\-copy\_\-clustered\_\-alerts}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE {\bf AI\_\-snort\_\-alert}$\ast$ \_\-AI\_\-copy\_\-clustered\_\-alerts (
|
|
\begin{DoxyParamCaption}
|
|
\item[{{\bf AI\_\-snort\_\-alert} $\ast$}]{ node}
|
|
\end{DoxyParamCaption}
|
|
)}}
|
|
\label{group__cluster_gab4c8ab92691e85a6f0ac4abb122712fd}
|
|
|
|
|
|
Return a copy of the clustered alerts.
|
|
|
|
\begin{DoxyReturn}{Returns}
|
|
An AI\_\-snort\_\-alert pointer identifying the list of clustered alerts
|
|
\end{DoxyReturn}
|
|
\hypertarget{group__cluster_ga0f91c8bfc37a3975f5c26b19fd6c5cba}{
|
|
\index{cluster@{cluster}!\_\-AI\_\-equal\_\-alarms@{\_\-AI\_\-equal\_\-alarms}}
|
|
\index{\_\-AI\_\-equal\_\-alarms@{\_\-AI\_\-equal\_\-alarms}!cluster@{cluster}}
|
|
\subsubsection[{\_\-AI\_\-equal\_\-alarms}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE {\bf BOOL} \_\-AI\_\-equal\_\-alarms (
|
|
\begin{DoxyParamCaption}
|
|
\item[{{\bf AI\_\-snort\_\-alert} $\ast$}]{ a1, }
|
|
\item[{{\bf AI\_\-snort\_\-alert} $\ast$}]{ a2}
|
|
\end{DoxyParamCaption}
|
|
)}}
|
|
\label{group__cluster_ga0f91c8bfc37a3975f5c26b19fd6c5cba}
|
|
|
|
|
|
Check if two alerts are semantically equal.
|
|
|
|
|
|
\begin{DoxyParams}{Parameters}
|
|
\item[{\em a1}]First alert \item[{\em a2}]Second alert \end{DoxyParams}
|
|
\begin{DoxyReturn}{Returns}
|
|
True if they are equal, false otherwise
|
|
\end{DoxyReturn}
|
|
\hypertarget{group__cluster_ga6ddddcd505b1f763c339e81fc143e079}{
|
|
\index{cluster@{cluster}!\_\-AI\_\-get\_\-min\_\-hierarchy\_\-node@{\_\-AI\_\-get\_\-min\_\-hierarchy\_\-node}}
|
|
\index{\_\-AI\_\-get\_\-min\_\-hierarchy\_\-node@{\_\-AI\_\-get\_\-min\_\-hierarchy\_\-node}!cluster@{cluster}}
|
|
\subsubsection[{\_\-AI\_\-get\_\-min\_\-hierarchy\_\-node}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE {\bf hierarchy\_\-node}$\ast$ \_\-AI\_\-get\_\-min\_\-hierarchy\_\-node (
|
|
\begin{DoxyParamCaption}
|
|
\item[{int}]{ val, }
|
|
\item[{{\bf hierarchy\_\-node} $\ast$}]{ root}
|
|
\end{DoxyParamCaption}
|
|
)}}
|
|
\label{group__cluster_ga6ddddcd505b1f763c339e81fc143e079}
|
|
|
|
|
|
Get the minimum node in a hierarchy tree that matches a certain value.
|
|
|
|
|
|
\begin{DoxyParams}{Parameters}
|
|
\item[{\em val}]Value to be matched in the range \item[{\em root}]Root of the hierarchy \end{DoxyParams}
|
|
\begin{DoxyReturn}{Returns}
|
|
The minimum node that matches the value if any, NULL otherwise
|
|
\end{DoxyReturn}
|
|
\hypertarget{group__cluster_ga8ce8e5a5d8954672297fa2dedb380dcd}{
|
|
\index{cluster@{cluster}!\_\-AI\_\-merge\_\-alerts@{\_\-AI\_\-merge\_\-alerts}}
|
|
\index{\_\-AI\_\-merge\_\-alerts@{\_\-AI\_\-merge\_\-alerts}!cluster@{cluster}}
|
|
\subsubsection[{\_\-AI\_\-merge\_\-alerts}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE int \_\-AI\_\-merge\_\-alerts (
|
|
\begin{DoxyParamCaption}
|
|
\item[{{\bf AI\_\-snort\_\-alert} $\ast$$\ast$}]{ log}
|
|
\end{DoxyParamCaption}
|
|
)}}
|
|
\label{group__cluster_ga8ce8e5a5d8954672297fa2dedb380dcd}
|
|
|
|
|
|
Merge the alerts marked as equal in the log.
|
|
|
|
|
|
\begin{DoxyParams}{Parameters}
|
|
\item[{\em log}]Alert log reference \end{DoxyParams}
|
|
\begin{DoxyReturn}{Returns}
|
|
The number of merged couples
|
|
\end{DoxyReturn}
|
|
\hypertarget{group__cluster_ga7d151880080470b542e99643dc0426a7}{
|
|
\index{cluster@{cluster}!\_\-AI\_\-print\_\-clustered\_\-alerts@{\_\-AI\_\-print\_\-clustered\_\-alerts}}
|
|
\index{\_\-AI\_\-print\_\-clustered\_\-alerts@{\_\-AI\_\-print\_\-clustered\_\-alerts}!cluster@{cluster}}
|
|
\subsubsection[{\_\-AI\_\-print\_\-clustered\_\-alerts}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE void \_\-AI\_\-print\_\-clustered\_\-alerts (
|
|
\begin{DoxyParamCaption}
|
|
\item[{{\bf AI\_\-snort\_\-alert} $\ast$}]{ log, }
|
|
\item[{FILE $\ast$}]{ fp}
|
|
\end{DoxyParamCaption}
|
|
)}}
|
|
\label{group__cluster_ga7d151880080470b542e99643dc0426a7}
|
|
|
|
|
|
Print the clustered alerts to a log file.
|
|
|
|
|
|
\begin{DoxyParams}{Parameters}
|
|
\item[{\em log}]Log containing the alerts \item[{\em fp}]File pointer where the alerts will be printed \end{DoxyParams}
|
|
\hypertarget{group__cluster_ga81f5fa721719fdb281595a568eef2101}{
|
|
\index{cluster@{cluster}!\_\-heuristic\_\-func@{\_\-heuristic\_\-func}}
|
|
\index{\_\-heuristic\_\-func@{\_\-heuristic\_\-func}!cluster@{cluster}}
|
|
\subsubsection[{\_\-heuristic\_\-func}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE int \_\-heuristic\_\-func (
|
|
\begin{DoxyParamCaption}
|
|
\item[{{\bf cluster\_\-type}}]{ type}
|
|
\end{DoxyParamCaption}
|
|
)}}
|
|
\label{group__cluster_ga81f5fa721719fdb281595a568eef2101}
|
|
|
|
|
|
Function that picks up the heuristic value for a clustering attribute in according to Julisch's heuristic (ACM, Vol.2, No.3, 09 2002, pag.124).
|
|
|
|
|
|
\begin{DoxyParams}{Parameters}
|
|
\item[{\em type}]Attribute type \end{DoxyParams}
|
|
\begin{DoxyReturn}{Returns}
|
|
The heuristic coefficient for that attribute, -\/1 if no clustering information is available for that attribute
|
|
\end{DoxyReturn}
|
|
\hypertarget{group__cluster_ga5601a1f603d9c870ef6e2df192e30c30}{
|
|
\index{cluster@{cluster}!\_\-hierarchy\_\-node\_\-append@{\_\-hierarchy\_\-node\_\-append}}
|
|
\index{\_\-hierarchy\_\-node\_\-append@{\_\-hierarchy\_\-node\_\-append}!cluster@{cluster}}
|
|
\subsubsection[{\_\-hierarchy\_\-node\_\-append}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE void \_\-hierarchy\_\-node\_\-append (
|
|
\begin{DoxyParamCaption}
|
|
\item[{{\bf hierarchy\_\-node} $\ast$}]{ parent, }
|
|
\item[{{\bf hierarchy\_\-node} $\ast$}]{ child}
|
|
\end{DoxyParamCaption}
|
|
)}}
|
|
\label{group__cluster_ga5601a1f603d9c870ef6e2df192e30c30}
|
|
|
|
|
|
Append a node to a clustering hierarchy node.
|
|
|
|
|
|
\begin{DoxyParams}{Parameters}
|
|
\item[{\em parent}]Parent node \item[{\em child}]Child node \end{DoxyParams}
|
|
\hypertarget{group__cluster_ga2f1a22cfea64e4669da0467620c3e3b3}{
|
|
\index{cluster@{cluster}!\_\-hierarchy\_\-node\_\-new@{\_\-hierarchy\_\-node\_\-new}}
|
|
\index{\_\-hierarchy\_\-node\_\-new@{\_\-hierarchy\_\-node\_\-new}!cluster@{cluster}}
|
|
\subsubsection[{\_\-hierarchy\_\-node\_\-new}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE {\bf hierarchy\_\-node}$\ast$ \_\-hierarchy\_\-node\_\-new (
|
|
\begin{DoxyParamCaption}
|
|
\item[{char $\ast$}]{ label, }
|
|
\item[{int}]{ min\_\-val, }
|
|
\item[{int}]{ max\_\-val}
|
|
\end{DoxyParamCaption}
|
|
)}}
|
|
\label{group__cluster_ga2f1a22cfea64e4669da0467620c3e3b3}
|
|
|
|
|
|
Create a new clustering hierarchy node.
|
|
|
|
|
|
\begin{DoxyParams}{Parameters}
|
|
\item[{\em label}]Label for the node \item[{\em min\_\-val}]Minimum value for the range represented by the node \item[{\em max\_\-val}]Maximum value for the range represented by the node \end{DoxyParams}
|
|
\begin{DoxyReturn}{Returns}
|
|
The brand new node if the allocation was ok, otherwise abort the application
|
|
\end{DoxyReturn}
|
|
\hypertarget{group__cluster_ga2553c678eeb83282c230d649a0e8fcd4}{
|
|
\index{cluster@{cluster}!AI\_\-get\_\-clustered\_\-alerts@{AI\_\-get\_\-clustered\_\-alerts}}
|
|
\index{AI\_\-get\_\-clustered\_\-alerts@{AI\_\-get\_\-clustered\_\-alerts}!cluster@{cluster}}
|
|
\subsubsection[{AI\_\-get\_\-clustered\_\-alerts}]{\setlength{\rightskip}{0pt plus 5cm}{\bf AI\_\-snort\_\-alert}$\ast$ AI\_\-get\_\-clustered\_\-alerts (
|
|
\begin{DoxyParamCaption}
|
|
\item[{void}]{}
|
|
\end{DoxyParamCaption}
|
|
)}}
|
|
\label{group__cluster_ga2553c678eeb83282c230d649a0e8fcd4}
|
|
|
|
|
|
Return the alerts parsed so far as a linked list.
|
|
|
|
\begin{DoxyReturn}{Returns}
|
|
An AI\_\-snort\_\-alert pointer identifying the list of clustered alerts
|
|
\end{DoxyReturn}
|
|
\hypertarget{group__cluster_ga1445818b37483f78cc3fb2890155842c}{
|
|
\index{cluster@{cluster}!AI\_\-hierarchies\_\-build@{AI\_\-hierarchies\_\-build}}
|
|
\index{AI\_\-hierarchies\_\-build@{AI\_\-hierarchies\_\-build}!cluster@{cluster}}
|
|
\subsubsection[{AI\_\-hierarchies\_\-build}]{\setlength{\rightskip}{0pt plus 5cm}void AI\_\-hierarchies\_\-build (
|
|
\begin{DoxyParamCaption}
|
|
\item[{{\bf AI\_\-config} $\ast$}]{ conf, }
|
|
\item[{{\bf hierarchy\_\-node} $\ast$$\ast$}]{ nodes, }
|
|
\item[{int}]{ n\_\-nodes}
|
|
\end{DoxyParamCaption}
|
|
)}}
|
|
\label{group__cluster_ga1445818b37483f78cc3fb2890155842c}
|
|
|
|
|
|
Build the clustering hierarchy trees.
|
|
|
|
|
|
\begin{DoxyParams}{Parameters}
|
|
\item[{\em conf}]Reference to the configuration of the module \item[{\em nodes}]Nodes containing the information about the clustering ranges \item[{\em n\_\-nodes}]Number of nodes \end{DoxyParams}
|
|
|
|
|
|
\subsection{Variable Documentation}
|
|
\hypertarget{group__cluster_ga91458e2d34595688e39fcb63ba418849}{
|
|
\index{cluster@{cluster}!\_\-config@{\_\-config}}
|
|
\index{\_\-config@{\_\-config}!cluster@{cluster}}
|
|
\subsubsection[{\_\-config}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE {\bf AI\_\-config}$\ast$ {\bf \_\-config} = NULL}}
|
|
\label{group__cluster_ga91458e2d34595688e39fcb63ba418849}
|
|
\hypertarget{group__cluster_gaaf4c19f60f48741b0890c6114dcff7d9}{
|
|
\index{cluster@{cluster}!alert\_\-log@{alert\_\-log}}
|
|
\index{alert\_\-log@{alert\_\-log}!cluster@{cluster}}
|
|
\subsubsection[{alert\_\-log}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE {\bf AI\_\-snort\_\-alert}$\ast$ {\bf alert\_\-log} = NULL}}
|
|
\label{group__cluster_gaaf4c19f60f48741b0890c6114dcff7d9}
|
|
\hypertarget{group__cluster_ga97d35425cf5a0207fb50b64ee8cdda82}{
|
|
\index{cluster@{cluster}!h\_\-root@{h\_\-root}}
|
|
\index{h\_\-root@{h\_\-root}!cluster@{cluster}}
|
|
\subsubsection[{h\_\-root}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE {\bf hierarchy\_\-node}$\ast$ {\bf h\_\-root}\mbox{[}CLUSTER\_\-TYPES\mbox{]} = \{ NULL \}}}
|
|
\label{group__cluster_ga97d35425cf5a0207fb50b64ee8cdda82}
|
|
\hypertarget{group__cluster_gafebc81c042a632dc987e113b7f390274}{
|
|
\index{cluster@{cluster}!lock\_\-flag@{lock\_\-flag}}
|
|
\index{lock\_\-flag@{lock\_\-flag}!cluster@{cluster}}
|
|
\subsubsection[{lock\_\-flag}]{\setlength{\rightskip}{0pt plus 5cm}PRIVATE {\bf BOOL} {\bf lock\_\-flag} = false}}
|
|
\label{group__cluster_gafebc81c042a632dc987e113b7f390274}
|