Snort mailing list archives

Re: MySQL & ACID Issues


From: "Lawrence Reed" <Lawrence.Reed () noaa gov>
Date: Tue, 11 Mar 2003 18:12:17 +0000

Try rebuilding the alert cache.


acid front page -> Application cache and status ->  Rebuild alert cache

- - wrote:

My current setup consists of snort logging to mysql, then using acid to view the logs. Within the web server I have two
copies of acid, one configured for the live snort database, the other is for the archive, making it easier to move back
and forth between both databases.

The problem that just showed up about a week ago is that if I go to move events from the live database to the archive
through acid, acid says they have successfully been moved, but when viewing the archived database, they are not added. The
database stays the same size with the same amount of alerts before I tried moving any from the live database. They do in
fact disappear from the live database too. So if I go to move any alerts, they disappear from the live, and never show up in
the archive... losing the events. Also if I check the individual mysql files on the file system, it shows they have
been modified.

Checking the logs of snort, apache, & mysql shows nothing out of the ordinary. The live database continues to work fine with new
events written to it constantly. In the archive database, I can also delete events, but not copy or move. I tried deleting the snort_archive
database and starting over from 0 events before trying to restore the backup; this also did not work. I have a feeling that it's something
to do with acid, but I'm not sure. I tried a freshly untarred copy of acid and adodb, but this also did not work. My versions are listed
below, and any help is greatly appreciated. For now all I can do is leave all the alerts in the live database, but it's getting quite
cumbersome.


Slackware 8.1
Snort 1.9.0
MySQL 3.23.55
Adodb 3.10
Acid 0.9.6b23

Thanks again,
ZB



-------------------------------------------------------
This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

--
Larry Reed  Lawrence.Reed () noaa gov
NOAA IT Security Office
PGP Public Key:  http://search.keyserver.net:11371/pks/lookup?op=get&search=0x7A998772




