Snort mailing list archives

Re: SQL to purge alerts over 1 month old?

From: Paul Schmehl <pauls () utdallas edu>
Date: Mon, 04 Feb 2008 12:40:51 -0600

--On Monday, February 04, 2008 09:14:19 -0500 Michael W Cocke 
<cocke () catherders com> wrote:

The subject line pretty much says it - I'm medium fair at SQL, but I'm
not seeing this;  Anyone know the syntax to flush alerts older than
one month from the alerts DB (MySQL if it matters)?


While it's still up and running, you can download my perl script here.
<http://www.ntsug.org/downloads/archivePlus.tar.gz>

It will do exactly what you describe.  You need to actually read the README 
file.  :-)

-- 
Paul Schmehl (pauls () utdallas edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/


-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

SQL to purge alerts over 1 month old? Michael W Cocke (Feb 04)
- Re: SQL to purge alerts over 1 month old? Bachelor, Stephen A CTR USSOCOM HQ (Feb 04)
- Re: SQL to purge alerts over 1 month old? Paul Schmehl (Feb 04)
  - Re: SQL to purge alerts over 1 month old? Michael W Cocke (Feb 04)
  - Re: SQL to purge alerts over 1 month old? Zakai Kinan (Feb 19)
    - Re: SQL to purge alerts over 1 month old? Paul Schmehl (Feb 19)
- Re: SQL to purge alerts over 1 month old? Terry Burton (Feb 26)