Snort mailing list archives
Re: ACID setup question
From: "Paul Schmehl" <pauls () utdallas edu>
Date: Wed, 2 Jun 2004 21:50:10 -0500
----- Original Message ----- From: "Shaun T. Erickson" <ste () smxy org> To: "Paul Schmehl" <pauls () utdallas edu> Cc: <snort-users () lists sourceforge net> Sent: Wednesday, June 02, 2004 2:24 PM Subject: Re: [Snort-users] ACID setup question
Paul Schmehl wrote:--On Wednesday, June 02, 2004 11:31:50 AM -0400 "Shaun T. Erickson" <ste () smxy org> wrote:[re: how to tell acid to find it's parts, on FreeBSD, using ports]There's a setting in the acid_conf.php file that points to adodb: $DBlib_path = "/usr/local/share/adodb"; There's another one for the graphics library: $ChartLib_path = "/usr/local/share/jpgraph"; AFAIK, that's the only thing you have to worry about. The ports
system
does the rest.I didn't see a setting in the conf file to tell acid that phplot is located in /usr/local/share/phplot, and not under the document root ...That's what I get for being in a hurry. I was thinking of snortcenter instead of acid. The correct setting for $ChartLib is /usr/local/share/phplot, not /usr/local/share/jpgraph. Sorry about that.Quite alright. You realize now, of course, that I must ask how acid will find jpgraph, then ....
Yes, right after I realized that my original answer was correct. :-( You only need to provide acid with the patch to jpgraph, *not* to phplot. Sorry about my inconsistent answers here. I'm usually more careful, but I've been in the middle of a project, and tried answering without really reading closely what you were asking.
Also ... I assume that the archive database must have exactly the same structure as the normal database, yes - just a different name?
Correct. You use the same mysql script to create its tables that you use to create the live db tables. Don't bother trying to archive events in acid, though. Unless you do really small amounts, it takes forever. Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ ------------------------------------------------------- This SF.Net email is sponsored by the new InstallShield X.
From Windows to Linux, servers to mobile, InstallShield X is the one
installation-authoring solution that does it all. Learn more and evaluate today! http://www.installshield.com/Dev2Dev/0504 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- ACID setup question Shaun T. Erickson (Jun 01)
- Re: ACID setup question Paul Schmehl (Jun 01)
- Re: ACID setup question Shaun T. Erickson (Jun 01)
- Re: ACID setup question Paul Schmehl (Jun 01)
- Re: ACID setup question Shaun T. Erickson (Jun 01)
- Re: ACID setup question Shaun T. Erickson (Jun 02)
- Re: ACID setup question Paul Schmehl (Jun 02)
- Re: ACID setup question Shaun T. Erickson (Jun 02)
- Re: ACID setup question Paul Schmehl (Jun 02)
- Re: ACID setup question Shaun T. Erickson (Jun 01)
- Re: ACID setup question Paul Schmehl (Jun 01)