Snort mailing list archives

snort and barnyard2 using a lot of resources


From: Roland RoLaNd <r_o_l_a_n_d () hotmail com>
Date: Fri, 18 Oct 2013 09:27:53 +0200

All,

I have snort running on two interfaces as such (this is a gateway):

/usr/local/bin/snort -D -u snort -g snort -c /etc/snort/snort.conf -i eth0 &
/usr/local/bin/snort -D -u snort -g snort -c /etc/snort/snort.conf -i eth3 &

I have plans to set it as a binded soon as same config is implemented on both.

Though I've noticed high resource usage by both snort and barnyard2:

snort: is steady at 30% of CPU
barnyard2: uses 100% of CPU (on restart, and then goes down to 5%)
mysql: 100% CPU on barnyard and snort restart.
drive: always above 80% read/write according to atop

With that in mind I have two questions:

1. If I add "-N" to snort, will it stop being a resource hog but still generate alerts?
2. Is there a way for barnyard2 not to process logs it already processed previously?

PS: Is there another "best practice" way of running snort on a gateway if I just want it to work as an IDS?





                                          
