Snort mailing list archives

Re: how ACID delete older rows ?

From: "Alex Butcher, ISC/ISYS" <Alex.Butcher () bristol ac uk>
Date: Wed, 24 Nov 2004 16:33:20 +0000

--On 24 November 2004 13:33 -0800 Mahboobeh Soleimani <soleimani () nic ir>wrote:

Hi everbody.

I have installed Snort and ACID on my system but after some weeks my
mysql  's tables growed and the speed of proccesing decrised.i can see
any result  in ACID after some weeks

.I would like to know
1)how ACID 's processing speed doesnt decrise by incrising the amount of
mysql ?

It doesn't. The more alerts you have, the worse it gets. In my experience,this is worse than linear, too.

2) how ACID delete older rows of mysql when it fulls?

It doesn't. You probably want archivePlus.pl or purge_database.sh (googlewill find them).

regards.
M.S.


HTH,
Alex.
--
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9




-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.

Discover which products truly live up to the hype. Start reading now.http://productguide.itmanagersjournal.com/

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

how ACID delete older rows ? Mahboobeh Soleimani (Nov 24)
- Re: how ACID delete older rows ? Alex Butcher, ISC/ISYS (Nov 24)