Snort mailing list archives
Re: Database Archival
From: Susan Kay Coulter <skc () lanl gov>
Date: Mon, 15 Oct 2001 15:21:23 -0600
I build those static tables with the create script for my archive database. I don't archive the flags or protocol tables either. Those are also built with static definitions in the create script. Doesn't mean you can't add them to your version of the scripts if you feel more comfortable that way.
Hello, I have a quick question. I am not very familiar with mysql never mind trying to archive data off to another mysql DB. So here goes. I have copies of Susan Kay Coulter's Perl scripts, but they appear to only archive the following tables. acid_ag acid_ag_alert acid_ip_cache reference reference_system schema sensor sig_reference signature iphdr tcphdr udphdr icmphdr data opt acid_event The following tables are not read from. detail encoding sig_class Shouldn't the data in these tables be archived as well? Thanks! vjl Susan Kay Coulter wrote:There is a glitch in mysql. The user that attempts the archive using the 'outfile' option must have FILE privileges in the user table. The GRANT command, which is usually used to grant privileges, does not successfully put a Y in the column for file privileges in the user table. I was forced to manually updated the table and place a Y in the file privileges column. (Then you must run the FLUSH privileges command.) I did not mention this in my earlier post - because I was not sure if it was specific to my installation of mysql. Apparently (since you are not the first person to ask about this) it is a problem with mysql. On Mon, 15 Oct 2001, you wrote:Hi Susan, I am trying to use your script, but I have run in to a strange problem. Here is the error I am getting. srems# ./archive.pl DBD::mysql::st execute failed: Can't create/write to file '/vol1/mysql/archive/event.arc' (Errcode: 13) at ./archive.pl line 186. DBD::mysql::st execute failed: Can't create/write to file '/vol1/mysql/archive/event.arc' (Errcode: 13) at ./archive.pl line 186. I can't figure out why it is complaining about this? Any ideas? Thanks! vjl -- V.Jay LaRosa EMC Corporation Systems Administrator 171 South Street (508)435-1000 ext 14957 Hopkinton, MA 01748 (508)497-8082 fax www.emc.com---------------------------------------- Content-Type: text/html; name="unnamed" Content-Transfer-Encoding: 7bit Content-Description: ---------------------------------------- -- Susan Coulter Network Security Team CCN-5 Network Engineering Los Alamos National Laboratory voice: (505) 667-8425 fax: (505) 665-7793-- V.Jay LaRosa EMC Corporation Systems Administrator 171 South Street (508)435-1000 ext 14957 Hopkinton, MA 01748 (508)497-8082 fax www.emc.com
---------------------------------------- Content-Type: text/html; name="unnamed" Content-Transfer-Encoding: 7bit Content-Description: ---------------------------------------- -- Susan Coulter Network Security Team CCN-5 Network Engineering Los Alamos National Laboratory voice: (505) 667-8425 fax: (505) 665-7793 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Database Archival Susan Kay Coulter (Oct 15)