![snort logo](/images/snort-logo.png)
Snort mailing list archives
Re: Snort log previewing with Acid.
From: Joseph Gresham <joe () onshore com>
Date: 17 Jan 2003 09:39:17 -0600
I find that Mysql is lots faster (see http://www.andrew.cmu.edu/~rdanyliw/snort/perf/acid_perf.html) If you are having a hard time with large alerts it is probably the max_script_runtime variable in acid_conf.php. This will basicaly stop the script after x seconds of execution. I had to increase this value to 1800 seconds for som equeries to work. On Wed, 2003-01-15 at 20:16, Anthony Liberty wrote:
hi snort user, i've trouble when previewing snort report with acid. when the attack data is small, acid can show the alert report. but when the attack data is quite large , acid can't show the alert report. anybody has any idea how to tuning up this acid-mysql. i'm quessing this is a problem of memory ,coz mysql needs large memory to query large data. my memory is 128Mb,with 512 swap and PIII-800. is there any script to be add to tuning up this acid report , or have u ever try to change mysql to postgressSQL , is it more faster ? thanks, --thony-- ------------------------------------------------------- This SF.NET email is sponsored by: A Thawte Code Signing Certificate is essential in establishing user confidence by providing assurance of authenticity and code integrity. Download our Free Code Signing guide: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0028en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Joseph J. Gresham Jr. Systems Integration/Network Engineer OnShore Inc. 312-850-5200 x.138 ------------------------------------------------------- This SF.NET email is sponsored by: Thawte.com - A 128-bit supercerts will allow you to extend the highest allowed 128 bit encryption to all your clients even if they use browsers that are limited to 40 bit encryption. Get a guide here:http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0030en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort log previewing with Acid. Anthony Liberty (Jan 15)
- Re: Snort log previewing with Acid. Erek Adams (Jan 16)
- Re: Snort log previewing with Acid. Joseph Gresham (Jan 17)
- <Possible follow-ups>
- RE: Snort log previewing with Acid. Hicks, John (Jan 16)