Snort mailing list archives
Archive Database in ACID
From: "Counselman, Chris Contractor/Sverdrup" <chris.counselman () us army mil>
Date: Wed, 22 Jan 2003 15:12:43 -0600
I am running RedHat 8.0, snort 1.9.0, and ACID .9.6b22 logging to a mysql database. I have two acid directories, one to connect to the alert database and one to connect to the archive database. I am trying to move current alerts to the archive database.

I set up everything and can move or copy alerts to the archive database once and then view those alerts. When I try to move or copy alerts again, it says successful move to the archive, but when I go to the archive instance of ACID, the main screen actually updates the TCP/ICMP/UDP graphs to reflect the extra data but I cannot see the data anywhere else. It does not say new alerts added, and the new alerts do not show up anywhere but the graph.

Thanks,
Chris
