Snort mailing list archives

RE: How to delete alerts without acid


From: "Jerry Shenk" <jshenk () decommunications com>
Date: Mon, 15 Mar 2004 22:17:26 -0500

Try going into the acid config file and changing the default timeout
from 180 (seconds) to 900 or something like that.  I had the same issue
when a client got nailed with Blaster... they had over 1,000,000 alerts
and that was a bit of a pain to clear out!

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Jason
Humes
Sent: Monday, March 15, 2004 12:49 PM
To: 'snort-users () lists sourceforge net'
Subject: [Snort-users] How to delete alerts without acid


Hi

I've got snort installed on a notebook which we use as a portable IDS.
We take this out and drop it off at sites which may be experiencing
problems. This notebook is a P4 2.8ghz with 512RAM and 20gig HD.  I'm
trying to delete about 300000 alerts from the Snort DB through the ACID
console, yet the page never seems to refresh after I select the alerts
and hit Delete.  The HD activity light stays lit constant, yet no
refresh (even after 30 minutes). Is there any way to clear up the alert
database without using acid? Could this problem be related to something
other than the large number of alerts?

Thanks

Jason D. Humes
  




_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




