With SELECT *, it is impossible to drop columns (needed during migration
to new data types).

The ssh honeypot now provides local IP addresses. Use them in the
export.

Some data come from attacker. And not all attackers know that passwords
should be in UTF8, so accept everything simply as raw data.

• Simplify the rules for inclusion in the blacklist. Count score for
  each client, leave out the low-score clients (hardcoded for 100 now,
  adjusting the scores for events to match that) and sum them together
  across each attacker IP. These are compared to limits.
• Split the computation of this into several views, to improve
  readability and understandability (this way it looks more procedural,
  as the views can be understood to be done one by one).
• Include the ssh honeypot as one of the sources.

Don't set rights on the router_loggedpacket.archived, since the column
is no longer there.

Grant the script permissions to update the sets' data in database.

Configure the hash sizes of the sets in addition to maximum number of
elements. Added to the DB, the master, docs and the plugin.

Also, fixed a copy-pasted log message on the way.

Insert the right name into the known_plugins table when debug mode is
requested.

They help only a very little, but slow down the cache computation a lot.

Since TRUNCATE has the same problems as REFRESH MATERIALIZED VIEW.

Use a table & view to fill it with data instead of materialized view. It
is similar in principle, but the table allows us to specify indices and
updates concurrently, instead of locking the whole table.

Each item of the biflows table is updated once during its life, so leave
space for the updated entry there.

Make sure the routers that have only firewall activity aren't skipped
over due to complexities in the query.

Make sure the flow filters don't contain multiple instances of the same
address, which produced stupid log messages in ucollect. Duplicate
messages are now wiped out on the server.

The plugin may have multiple activities, so store the plugin reference
into the activity.

Precompute expensive part of the query for part of the data, do only the
rest of data on-demand.

It needs to be called from cron sometimes.

References: #4006.

So it can be watched in some kind of interface.

References: #3989.

A table in database to list which plugins are known and allowed. It'll
be filled in by jenkins in future.

References: #3989.

This one helps the derive_data script for processing and adding
countries.

It'll need it to create the flow filters

Add NOT NULL constraints to several columns on the ssh honeypot tables.

Some analysis is greatly sped up by them.

Some tool needs to tag entries with country.

Since we can use it for disconnect reasons too.

References: #3816.

Create the fake server plugin and store data into the database.

References: #3631.