Snort mailing list archives

Re: Snort and MySQL - clearing alerts

From: Paul Schmehl <pauls () utdallas edu>
Date: Thu, 10 Jun 2004 22:30:00 -0500

--On Thursday, June 10, 2004 4:54 PM -0400 George Laiacona<glaiacona () aikencountysc gov> wrote:

I've got a simple problem.
I get well in excess of 150K alerts in a day. Deleting the alerts
through ACID takes forever because it times out, and only clears about
7000 to 10000 alerts. And takes 3 minutes to do so. My question: is
there an easier/ faster/ more logical way of clearing alerts?

You can use my perl script:

http://www.ntsug.org/downloads/archivePlus.tar.gz

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu


-------------------------------------------------------
This SF.Net email is sponsored by the new InstallShield X.

From Windows to Linux, servers to mobile, InstallShield X is the

one installation-authoring solution that does it all. Learn more and
evaluate today! http://www.installshield.com/Dev2Dev/0504
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Snort and MySQL - clearing alerts George Laiacona (Jun 10)
- Re: Snort and MySQL - clearing alerts Paul Schmehl (Jun 10)