Snort mailing list archives
Re: Looking for Archive help
From: Paul Schmehl <pauls () utdallas edu>
Date: Fri, 03 Aug 2007 10:09:26 -0500
--On Friday, August 03, 2007 09:15:13 -0400 Bill Warren <bwarren () optivel com> wrote:
My script will do the first part, but not the second. I usually archive by month, and create a new archive dbs for each succeeding month. That way you can drop older months whenever you want to. (I keep a 12 months of data.)Hello, I am trying to find a script that will archive snort events based on time (say 18 days) & delete events from the archive that are (say 60 days) old using mysql & base for snort.
<http://www.ntsug.org/downloads/archivePlus.tar.gz> -- Paul Schmehl (pauls () utdallas edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/
Attachment:
_bin
Description:
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Looking for Archive help Bill Warren (Aug 03)
- Re: Looking for Archive help Paul Schmehl (Aug 03)