Weekly Report for week ending 5 October 2012




Worked with Shane to try to get a new FreeBSD image built for the
emulation network. FreeBSD is still pretty terrible to deal with and seems
to have updated some disk partitioning/formats to ones that frisbee
doesn't fully understand. For now it's creating a raw disk image, but if
we do another from scratch it would be good to see if we can use some
slightly older options.

Changed the way the allowable time difference between events in a group is
calculated for LPI events to shorten it if the events were significantly
different. Some suboptimal groupings were being made because the events
were slightly similar and nearby in time but not related.

Worked with Nathan to test his program operating on smokeping rrd files
and feeding the results into the anomaly detection process. Had to put
together a module to deal with specifically with smokeping data, and think
I now have a good understanding of how everything fits together, where
data storage needs to be etc. Waiting on more data to arrive and the
fetching of historical data to work to properly fill the training buffers
now before events will be detected.