Snort mailing list archives
Re: manual access to ACID databases
From: Susan Kay Coulter <skc () lanl gov>
Date: Wed, 10 Oct 2001 15:20:08 -0600
Oh yeah -- as for the ip thing. Definitely doable. Use the archive.pl I sent and change the driver table to iphdr (instead of event).

On another note ... the number of columns defined in archive.pl may not be correct for everyone. I made manual changes to move from schema version 102 to 103 (which is where I'm at now) -- and I did not drop the columns that are no longer used in 103 because I did not want to lose the old data. Might want to verify the column count.
Does anyone have a script to extract all entries for a particular IP address from a MySQL database? I would like to stop logging to the snort.log file too, as this probably adds some load and gets erased every time I stop and start snort after a config change. I hate logging the same thing to 3 places, 2 is bad enough.

Steve Rudolph CCSA, CCSE
J. Walter Thompson World Wide IT
--
Susan Coulter
Network Security Team
CCN-5 Network Engineering
Los Alamos National Laboratory
voice: (505) 667-8425
fax: (505) 665-7793

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
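The per-IP extraction discussed in this message, as an added example that is not part of the thread and is not the archive.pl script it mentions. It drives the query from iphdr and names its columns explicitly, so leftover columns from an older schema version do not matter. Assumptions: sqlite3 stands in for MySQL so the block runs offline, the column names (sid, cid, signature, timestamp, ip_src, ip_dst) are taken from the Snort database schema as assumed here, and every row is constructed.

```python
import ipaddress
import sqlite3

def ip_to_int(dotted):
    """Dotted-quad IPv4 -> the unsigned 32-bit integer form stored in iphdr."""
    return int(ipaddress.IPv4Address(dotted))

def events_for_ip(conn, dotted):
    """All events where the address is source or destination, oldest first.

    iphdr is the driver table; event is joined on the (sid, cid) pair, since
    cid alone repeats across sensors. Columns are named explicitly so unused
    columns kept from an older schema version do not shift the result.
    """
    n = ip_to_int(dotted)
    rows = conn.execute(
        "SELECT i.sid, i.cid, e.timestamp, e.signature, i.ip_src, i.ip_dst "
        "FROM iphdr AS i JOIN event AS e ON e.sid = i.sid AND e.cid = i.cid "
        "WHERE i.ip_src = ? OR i.ip_dst = ? "  # MySQL drivers use %s, not ?
        "ORDER BY e.timestamp, i.sid, i.cid",
        (n, n),
    ).fetchall()
    as_ip = lambda v: str(ipaddress.IPv4Address(v))
    return [(sid, cid, ts, sig, as_ip(s), as_ip(d)) for sid, cid, ts, sig, s, d in rows]

def build_sample_db():
    """Constructed sample data in a reduced, assumed layout (not the full schema)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE event (sid INTEGER, cid INTEGER, signature TEXT,
                            timestamp TEXT, old_unused TEXT, PRIMARY KEY (sid, cid));
        CREATE TABLE iphdr (sid INTEGER, cid INTEGER, ip_src INTEGER,
                            ip_dst INTEGER, PRIMARY KEY (sid, cid));
    """)
    sample = [  # (sid, cid, signature, timestamp, src, dst), documentation addresses
        (1, 1, "constructed sig A", "2001-10-10 09:00:00", "192.0.2.10", "198.51.100.7"),
        (1, 2, "constructed sig B", "2001-10-10 09:05:00", "203.0.113.5", "192.0.2.10"),
        (1, 3, "constructed sig C", "2001-10-10 09:10:00", "203.0.113.5", "198.51.100.7"),
        (2, 1, "constructed sig A", "2001-10-10 08:00:00", "198.51.100.7", "192.0.2.10"),
    ]
    for sid, cid, sig, ts, src, dst in sample:
        conn.execute("INSERT INTO event VALUES (?, ?, ?, ?, NULL)", (sid, cid, sig, ts))
        conn.execute("INSERT INTO iphdr VALUES (?, ?, ?, ?)",
                     (sid, cid, ip_to_int(src), ip_to_int(dst)))
    return conn

if __name__ == "__main__":
    for row in events_for_ip(build_sample_db(), "192.0.2.10"):
        print(row)
```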