Re: Question about best hardware

[Michael Stone <mstone+snort () mathom us>]

On Mon, Mar 08, 2004 at 01:31:41PM -0600, Josh Berry wrote:
> I don't have a performance issue over 100K.

I have just shy of 2 million records at the moment, and from the main
Acid screen it takes 46 seconds for the "unique alerts for the last 24
hours" to load. Other complex queries (queries across the whole database
based on some search criteria) take about the same amount of time. Is
that slow or is that fast? It is certainly slow if you're trying to do a
lot of such queries interactively. OTOH, individual events load almost
instantaneously. In a discussion about performance it's really helpful
to use real numbers and to clearly state what the usage patterns and
expectations are.

Mike Stone


-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users