Snort mailing list archives
Scripting things in ACID/php
From: Steve Halligan <agent33 () geeksquad com>
Date: Mon, 4 Feb 2002 15:21:17 -0600
A while ago, someone asked if there was a way to script the update of the ACID event cache table, in order to avoid long page loads on busy networks or if ACID hadn't been accessed in a long time. I suggested leaving a browser windows open, and using its auto_refresh to keep the cache updated. I am here today to say I have seen the light and there is an easier way! If you have php compiled as a CGI, you can use it just like you would use a perl or shell script. By the way, if you are using PHP as an apache module, you can also compile it as a cgi and use it both ways. You can then simply use cron to schedule it. This could also be done to automate email sending on alert, archiving, etc etc. The attached script updates the alert cache. Please excuse the bit of html it spits out, I call the update_alert function in acid which outputs in html. run it like this: /path/to/acid/acid_event_update.php The -q flag in the script supresses php's generator headers. Make sure to change the first line in the script to reflect where you have the php binary installed.
Attachment:
acid_event_update.php
Description:
Current thread:
- Scripting things in ACID/php Steve Halligan (Feb 04)