Snort mailing list archives

Re: Where's Waldo?

From: Paul Schmehl <pschmehl_lists () tx rr com>
Date: Thu, 11 Oct 2012 16:13:07 -0500

--On October 11, 2012 8:58:12 PM +0100 Peter Bates <peter.bates () ucl ac uk> 
wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hello all

On 11/10/2012 20:29, AllowOverride wrote:

just a test, i will clear tables, and close browser, come back in 1
hour increments, and see if that is the issue, it takes an hour to
input new data after base clear table buttons have cleared. im
assume there is a switch in the configs to make it quicker.


I've never personally looked for the option to clear tables in BASE
but I can say I use a script called archivesnort.pl which moves alerts
after 7 days to the archive DB and deletes them after 30.

Are you serious?  I wrote that thing about 8 years ago.  I can't believe 
anybody is still using it.  Hasn't the schema changed since then?  I'm 
amazed it still works.

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson
"There are some ideas so wrong that only a very
intelligent person could believe in them." George Orwell


------------------------------------------------------------------------------
Don't let slow site performance ruin your business. Deploy New Relic APM
Deploy New Relic app performance management and know exactly
what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Re: Where's Waldo?, (continued)
- - - Re: Where's Waldo? AllowOverride (Oct 09)
    - Re: Where's Waldo? Paul Schmehl (Oct 09)
    - Re: Where's Waldo? AllowOverride (Oct 09)
    - Re: Where's Waldo? Paul Schmehl (Oct 09)
    - Re: Where's Waldo? AllowOverride (Oct 10)
    - Re: Where's Waldo? waldo kitty (Oct 10)
    - Re: Where's Waldo? AllowOverride (Oct 10)
    - Re: Where's Waldo? waldo kitty (Oct 10)
    - Re: Where's Waldo? AllowOverride (Oct 11)
    - Re: Where's Waldo? Peter Bates (Oct 11)
    - Re: Where's Waldo? Paul Schmehl (Oct 11)
    - Re: Where's Waldo? Joel Esler (Oct 11)
    - Re: Where's Waldo? beenph (Oct 11)
    - Re: Where's Waldo? AllowOverride (Oct 11)
    - Re: Where's Waldo? AllowOverride (Oct 11)
    - Re: Where's Waldo? AllowOverride (Oct 11)
    - Re: Where's Waldo? AllowOverride (Oct 11)
    - Re: Where's Waldo? Michael Steele (Oct 11)
    - Re: Where's Waldo? Castle, Shane (Oct 11)
    - Re: Where's Waldo? AllowOverride (Oct 11)
    - Re: Where's Waldo? AllowOverride (Oct 11)

(Thread continues...)