Snort mailing list archives

Acid database lost events, help!!!

From: "Brei, Matt" <mbrei () medclaiminc com>
Date: Wed, 21 May 2003 10:45:36 -0400

I have been running snort for about 4 months.  The Snort db had about
12000 alerts and the archive db had about 19000.  I moved all of the
alerts from April to the archive db, ACID said it successfully moved
8000 alerts, which SHOULD leave me with about 4000 in the main db and
27000 in the archive db.  The archive db only has about 20000 and the
main db is now empty.  The strange thing is, in the mysql db directory,
none of the main Snort db file sizes got any smaller and the archive
files grew in size.  What happened to the alerts?

 

Snort 1.9.1 on Redhat 7.2 alerts to

ACID v0.9.6b23, MySQL 3.23.56, Apache 2.0.45 on RedHat 8

 

Matt Brei

Current thread:

Acid database lost events, help!!! Brei, Matt (May 21)
- <Possible follow-ups>
- RE: Acid database lost events, help!!! Tinsley Paul (May 21)
- RE: Acid database lost events, help!!! Brei, Matt (May 21)
- RE: Acid database lost events, help!!! Tinsley Paul (May 21)