Snort mailing list archives
Re: Cannot archive alerts (ACID)
From: "AJ Butcher, Information Systems and Computing" <Alex.Butcher () bristol ac uk>
Date: Tue, 16 Mar 2004 16:42:57 +0000
--On 14 March 2004 15:36 -0500 Jeff Workman <jworkman () pimpworks org> wrote:
ACID Version: 0.9.6b23 Schema version: 106 PostgreSQL version: 7.4 I cannot get ACID to archive my alerts. I created both the snort and the archive database at the same time, with the same permissions for the snort user, but I get the following SQL error when I try to archive: Archive error:Database ERROR:ERROR: insert or update on table "iphdr" violates foreign key constraint "iphdr_fkey_sid_cid" DETAIL: Key (sid,cid)=(2,276) is not present in table "event".
Have you created /all/ the columns and tables in BOTH databases? cat /path/to/snort/contrib/create_mysql | mysql -p snort_log zcat /path/to/snort/contrib/snortdb-extra.gz | mysql -p snort_log cat /path/to/acid/create_acid_tbls_mysql.sql | mysql -p snort_log cat /path/to/snort/contrib/create_mysql | mysql -p snort_archive zcat /path/to/snort/contrib/snortdb-extra.gz | mysql -p snort_archive cat /path/to/acid/create_acid_tbls_mysql.sql | mysql -p snort_archive
-Jeff
Best Regards, Alex. -- Alex Butcher: Security & Integrity, Personal Computer Systems Group Information Systems and Computing GPG Key ID: F9B27DC9 GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9 ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Cannot archive alerts (ACID) Jeff Workman (Mar 16)
- Re: Cannot archive alerts (ACID) AJ Butcher, Information Systems and Computing (Mar 16)
- Re: Cannot archive alerts (ACID) Jeff Workman (Mar 19)
- Re: Cannot archive alerts (ACID) AJ Butcher, Information Systems and Computing (Mar 17)
- Re: Cannot archive alerts (ACID) Jeff Workman (Mar 19)
- Re: Cannot archive alerts (ACID) AJ Butcher, Information Systems and Computing (Mar 16)