Future roadmap (subject to change):
===================================
3.1
* Basic HIDS based on reactive audit component
* Multi-thread audisp-remote
* Add keywords for time: month-ago, this-hour, last-hour
* If searching user/group doesn't map to uid/gid, do translated string search
* In auditd, look into non-blocking handling of write to plugins
* Support multiple time streams when searching
3.2
* Container support
* Support TLS PSK as remote logging transport
* Add rule verify to detect mismatch between in-kernel and on-disk rules
* audisp-remote, add config to say what the home network is so laptops don't try if they're not on a network that can reach the server.
* Fix audit.pc.in to use Requires.private
* Change ausearch to output name="" unless it's a real null. (mount) ausearch-report.c, 523. FIXME
* Fix SIGHUP for auditd network settings
* Add ability to filter events in auditd