RE: Snort to Oracle

["O'Flynn, Derek" <DOFlyn () lsuhsc edu>]

I have at least 15k alerts per day running on MySQL and don't have an issue.
I usually keep about 300k alerts in my database before I purge any out.

Machine is a P4 - 1.8Ghz, 1GB Ram running Redhat 7.3, Snort 1.9

Derek

-----Original Message-----
From: Steve Suehring [mailto:snort () braingia org] 
Sent: Friday, January 03, 2003 1:24 PM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Snort to Oracle

On Fri, Jan 03, 2003 at 01:07:53PM -0500, Nicholas Bachmann wrote:
> > I am getting well over 15K detected attempts a day and my database
> > grows too quickly for MySql to handle (my current setup)

MySQL shouldn't have any problems handling 15K of anything per day.  

I personally wouldn't have much faith in Oracle handling it better, all
things being equal.  Oracle has higher overhead and 15K of records isn't
that much data to begin with.  Obviously if you're running MySQL on a 486
and Oracle on a P4 there would be a difference.  :)

Are there specific issues that you're seeing with MySQL?

Steve


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users