ACID - acknowledgement of events ?

[Petr Ruzicka <petr_ruzicka () yahoo com>]

Hi I use Snort + ACID for some time and I would like
to know how you deal with "acknowledged" events. 
Let's say I have couple of events that I have already
saw and I prefer not delete them for future
analysis/comparsion etc. But very soon I have a lot of
such events and I'm becoming lost.
Does ACID have something like "read/unread" events
(mails)? 
Do you archive already seen interesting events and
perform correlations in archive ? 
Thanks 

Petr R.

__________________________________________________
Do You Yahoo!?
Yahoo! Autos - Get free new car price quotes
http://autos.yahoo.com


-------------------------------------------------------
This sf.net email is sponsored by: Jabber - The world's fastest growing 
real-time communications platform! Don't just IM. Build it in! 
http://www.jabber.com/osdn/xim
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users