[Snort-users] Snortdb against MySQL
Ben at ...32...
Wed Mar 21 19:05:22 EST 2001
I, for one, would like to have a look at the script.
From: Neil Dickey [mailto:neil at ...1633...]
Sent: Wednesday, March 21, 2001 5:51 PM
To: Brian.DeGregorio at ...1630...; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Snortdb against MySQL
Brian.DeGregorio at ...1630... wrote asking:
>Has anyone found or written a script to go thru the snort database and
>archive old entries?
If you mean a script that will roll over logs after the manner of Solaris
with respect to /var/adm/messages, then I wrote one that does it. I run it
once a week out of crontab, keeping the previous 7 weeks for reference
purposes. I 'gzip' the logs being archived to save space, but you could
make it use any file compressor you have handy.
Let me know if this is what you're interested in, and I'll post a copy.
Obviously, it runs under Solaris but might work in other flavors of unix
as well with a little tweaking.
Neil Dickey, Ph.D.
Northern Illinois University
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
More information about the Snort-users