I need help: I have a dataset containing suricataID, signature, classification, category and severity (1 highest severity, 2 medium, 3 lowest), among other features about the flow. How can I use this data to segment and classify these alerts? Using machine learning techniques? Is it redundant to offer classification views? How can these attributes be used? Is it possible to present better performance, benchmarks? Is it possible for Suricata not to record all efficient alert events in relation to the enumerated volume of very large rules? Could you help me reflect on this sense of integrating machine learning techniques in a dataset represented by a collection of log files?