RE: snort output

["Schmehl, Paul L" <pauls () utdallas edu>]

Ooooo...I think that would be a really bad theory.  All the mysql
queries in ACID are build to query the acid tables.  If you've switched
to squil tables you're going to get some really funky results or failed
queries (more likely the second than the first.)  Imagine doing a SELECT
on a table that doesn't exist.....or a JOIN....:-)

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 

> -----Original Message-----
> From: Erek Adams [mailto:erek () snort org] 
> Sent: Tuesday, August 05, 2003 9:51 AM
> To: Slighter, Tim
> Cc: 'Erek Adams'; Snort-Users (E-mail)
> Subject: RE: [Snort-users] snort output
>
>
> On Tue, 5 Aug 2003, Slighter, Tim wrote:
>
> Just run two instances of BY.  :)  Simple.
>
> As for changing ACID....  Well, ummmm....  errr....  I have 
> no idea.  :) But from perusing the PHP, it shouldn't be too 
> big of a hack to make it work.  You just change the queries 
> to match the sguil schema, and point it to the sguil db.  
> Note:  This is theory.  Not fact.  And the two may _not_ intersect.


-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users