Snort mailing list archives
BASE/AAnval MySQL dbase management
From: John Hally <JHally () epnet com>
Date: Thu, 20 Apr 2006 09:59:19 -0400
Hello All, I'm curious as to how people are managing the mysql backend data that snort reports. I've been mulling over adding syslog entries to the mix, but with the amount of denies I see at the borders/firewalls, the database is going to get unwieldy pretty fast. Not being a DBA but knowing enough to get things up and running, is there any 'canned' scripts out there to help me out? I'm thinking along the lines of possibly archiving daily/weekly, having the dbase drop entries older than X, or something to that effect. Thoughts/suggestions? Thanks!
Current thread:
- BASE/AAnval MySQL dbase management John Hally (Apr 20)
- Re: BASE/AAnval MySQL dbase management Paul Schmehl (Apr 22)
- <Possible follow-ups>
- RE: BASE/AAnval MySQL dbase management Irons, Clarence (Apr 20)
- RE: BASE/AAnval MySQL dbase management Administration (Apr 22)