Snort mailing list archives

Re: Archive Database in ACID


From: Herve Debar <herve.debar () francetelecom com>
Date: Thu, 23 Jan 2003 17:24:43 +0100

Counselman, Chris Contractor/Sverdrup wrote:
> I am running RedHat 8.0, snort 1.9.0, and ACID .9.6b22 logging to a
> mysql database.
> I have two acid directories, one to connect to the alert database and
> one to connect to the archive database.
> I am trying to move current alerts to the archive database. I set up
> everything and can move or copy alerts to the archive database once and
> then view those alerts. When I try to move or copy alerts again it says
> successful move to the archive, but when I go to the archive instance of
> ACID, the main screen actually updates the TCP/ICMP/UDP graphs to
> reflect the extra data but I cannot see the data anywhere else. It does
> not say new alerts added and the new alerts do not show up anywhere
> but the graph.

There is another problem, where sensor data is not copied to the archive DB. I have a fix for this that I need to push to the ACID developers.

Hervé
--
Hervé Debar             <mailto:herve.debar () francetelecom com>
Tel: +33 (0)2 31 75 92 61            GSM: +33 (0)6 74 09 09 66
France Télécom R&D                   Fax: +33 (0)2 31 75 93 13
42 rue des Coutures  (--)  BP 6243  (--)  F-14066 Caen Cedex 4


