Snort mailing list archives

Keeping separate databases?


From: Jason Humes <jhumes () acs on ca>
Date: Mon, 15 Mar 2004 15:20:07 -0500

Hi
Here is my situation...I've got snort on a notebook which I use at various
sites and right now, I just delete all the alerts in between sessions at
each site...just to keep the DB clean and only containing records for the
site which I'm currently monitoring.  Is there any way to archive all the
alerts generated from one site, so that they no longer show up/are processed
by the ACID console? I'd also like to be able to re-load them into ACID
at a later time for reviewing.  So for example, I go to CustomerSiteA and
drop off the Snort Notebook for a day.  I go back the next day, select all
the Alerts shown in the ACID console and somehow archive them, which would
remove them from the ACID console.  And then later on pull them back up.
Thanks


