Task #3302
Updated by Victor Julien almost 5 years ago
The suggestion at Suricon 2019 was to have an analyzer that inspects a ruleset and compiles it into a more optimized form.
An example: if there are many similar rules for matching a DNS query, perhaps this logic could automatically convert this into a single rule + a dataset.
The purpose of this ticket is to research what those optimizations could be and test if they actually improve performance.