RE: ACID 0.9.6b23 Search page issue

["McGuire, Dennis" <dmcguire () brierley com>]

This happens with a db that has ~60k events in it.  I recently (yesterday)
deleted ~1M rows but after that the tables were optimized.  I'm trying to
get to the point where I archive on a regular basis - part of that process
invloves searching, which is where I'm stuck now :-).

-----Original Message-----
From: Erick Mechler [mailto:emechler () techometer net] 
Sent: Tuesday, January 28, 2003 6:03 PM
To: McGuire, Dennis
Cc: 'snort-users () lists sourceforge net'
Subject: Re: [Snort-users] ACID 0.9.6b23 Search page issue


:: Just upgraded from b21 to b23 today, mainly to gain the year 2003 fixes.
:: Whne I access the 'Search' page all I get is a partial listing of the
parms
:: that used to be available on that page; in fact it seems that only the
Meta
:: Criteria section is visible, and even then "Alert time" with a choice for
:: "(" is as far as I can see.

I've seen this happen to me as well, but only with a very large number of
alerts in the DB.  When this happens, I find that I have to reload the page
a few times before it gets all the fields.  Are you expiring your old alerts
at all?

Cheers - Erick