Snort mailing list archives
RE: Clearing the snort database
From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Tue, 17 Jun 2003 13:00:44 -0500
I doubt the database is "full". What's probably happening is that ACID can no longer load its tables in a reasonable amount of time. The bigger the database, the slower ACID loads. Frankly I think you should call the consultant and ask him to finish the job. Otherwise you are going to have to learn what each of the tables do and which have data that you can delete and which don't. Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/
-----Original Message----- From: Michael.Mulholland () dfpni gov uk [mailto:Michael.Mulholland () dfpni gov uk] Sent: Friday, June 13, 2003 8:27 AM To: snort-users () lists sourceforge net Subject: [Snort-users] Clearing the snort database Folks, I have 11 IDS machines connecting to a single console machine with ACID on it. Unfortunately the console machine won't load the ACID console - it just sits sending the request to the localhost. As a result i've disconnected the network cable to stop any more info being collected as a stop gap I suspect the database is full so i want to clear it but being new to IDS i'm not sure how. The consultant who installed it also included a gui based client called 'gmyclient' which allows me to right click on individual tables in the snort database with the option of emptying the table Does this sound a reasonable option or can anyone point me to the directory where i need to empty the database and if possible let me know the commands i'm using redhat 8 linux apologies for appearing like a newbie but thats what i am
------------------------------------------------------- This SF.Net email is sponsored by: INetU Attention Web Developers & Consultants: Become An INetU Hosting Partner. Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission! INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Clearing the snort database Michael . Mulholland (Jun 17)
- <Possible follow-ups>
- RE: Clearing the snort database Schmehl, Paul L (Jun 17)
- RE: Clearing the snort database LaRose, Dallas (Jun 17)
- RE: Clearing the snort database PPowenski (Jun 19)