Re: Snort Overloading BASE?

["Chan, Wilson" <wchan () honolulu gov>]

Hi Chase,

 

If your running BASE on Apache consider migrating to Lighttpd instead.
It's quite a bit faster when you have lots of events/records.

 

 

Wilson Chan

 

From: James Chase [mailto:chase1124 () gmail com] 
Sent: Wednesday, January 20, 2010 10:25 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Snort Overloading BASE?

 

I'm running snort-2.8.5-1 on CentOS 5.4 and collecting snort alerts to a
database with barnyard2. The problem is snort seems to be generating so
many alerts that whenever I load the BASE page it takes 5 or 10 minutes
to display! I believe it is just processing the new alerts but it really
makes the system unusable.

Is there anything that can be done to clear out the DB of old alerts
automatically or anyone else that has experienced this problem? 

-- 
"Beware of all enterprises that require new clothes."
 --  Henry David Thoreau

------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users