Snort mailing list archives

RE: How to delete alerts without acid

From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Tue, 16 Mar 2004 09:31:09 -0600

-----Original Message-----
From: snort-users-admin () lists sourceforge net 
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of 
Jason Humes
Sent: Monday, March 15, 2004 2:44 PM
To: 'SN ORT'; 'snort-users () lists sourceforge net'
Subject: RE: [Snort-users] How to delete alerts without acid

Sorry, my snort DB is mysql and its hosted on the notebook.  
How would I clear this out manually?  Thanks


Unless you know sql query language very well, I would suggest not doing
this.  You don't want to remove one table's entries without removing the
associated entries in other tables or you'll end up with a jumbled mess.

May I suggest using my perl script to do this in a logical, organized
manner?  I'm attaching the config file and script so they will be
archived.  Some day I'll get the docs done and put it on my website.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/

Attachment: acidPlus.config
Description: acidPlus.config

Attachment: archivePlus.pl
Description: archivePlus.pl

Current thread:

RE: How to delete alerts without acid SN ORT (Mar 15)
- RE: How to delete alerts without acid twig les (Mar 15)
- <Possible follow-ups>
- RE: How to delete alerts without acid Jason Humes (Mar 15)
  - RE: How to delete alerts without acid SN ORT (Mar 15)
- How to delete alerts without acid Jason Humes (Mar 16)
  - RE: How to delete alerts without acid Jerry Shenk (Mar 15)
- RE: How to delete alerts without acid Hutchinson, Andrew (Mar 16)
- RE: How to delete alerts without acid Schmehl, Paul L (Mar 16)