Snort mailing list archives

Re: CPU usage!

From: Wes Young <wcyoung () buffalo edu>
Date: Mon, 09 May 2005 10:21:59 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Whenever you use ACID (and or Base at this point) everytime you load a
page, it caches all the recent alerts from your SnortDB to the
Acid_alert cache  table. Something that I found speeds up the process is
a simple perl script or cronjob that queries the main webpage every X
min's to trigger this. (# update the Base alert cache
* * * * * root curl https://localhost/base_main.php -k >& /dev/null
)

helps for when you don't use acid/base for a while, keeps your alert
cache up to date for when you use it again (thus spreading out that 90%
load you see over the period in which you dont use acid/base).

mahboobeh soleimani wrote:

Hi there.
 
I recently have installed Snort and ACID on a system which its
specifications are listed bellow:
 1. 512 M RAM
2. 100 GIG hard disk (IDE)
3. CPU 2.40GHz
 
and when I try to bring ACID up for the first time the CPU usage of
system goes to more than 90% and on the other hand when I send a request
(by using ACID) the CPU usage of my system goes to more that 90% too.
I installed Snort and ACID and database all on this system and no more
server I am using (something like DB server). Sensor sniffs at most 3
Mbit/sec (by using a monitor port) and I use mysql for saving the alerts
in a database.
Do you think my problem is due to the hardware which I am using?
 
thanks in advance.
 
M.S.

------------------------------------------------------------------------
Yahoo! Mail Mobile
Take Yahoo! Mail with you!
<http://us.rd.yahoo.com/mail_us/taglines/mobile/*http://mobile.yahoo.com/learn/mail>
Check email on your mobile phone.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCf3IH1M5o0FsrrbERAoDlAJ9HSMXWe6wOV66PHXcvq/jJD40JEgCeIzf2
idfxyl6RBGL3gQanwcJqrR8=
=E2JC
-----END PGP SIGNATURE-----


-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

CPU usage! mahboobeh soleimani (May 09)
- Re: CPU usage! Wes Young (May 09)
- <Possible follow-ups>
- RE: CPU usage! Esler, Joel - Contractor (May 09)