[Snort-users] Snortdb against MySQL

Jones, Benny Ben at ...32...
Wed Mar 21 19:05:22 EST 2001

I, for one, would like to have a look at the script.



-----Original Message-----
From: Neil Dickey [mailto:neil at ...1633...]
Sent: Wednesday, March 21, 2001 5:51 PM
To: Brian.DeGregorio at ...1630...; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Snortdb against MySQL

Brian.DeGregorio at ...1630... wrote asking:

>Has anyone found or written a script to go thru the snort database and
>archive old entries? 

If you mean a script that will roll over logs after the manner of Solaris
with respect to /var/adm/messages, then I wrote one that does it.  I run it
once a week out of crontab, keeping the previous 7 weeks for reference
purposes.  I 'gzip' the logs being archived to save space, but you could
make it use any file compressor you have handy.

Let me know if this is what you're interested in, and I'll post a copy.
Obviously, it runs under Solaris but might work in other flavors of unix
as well with a little tweaking.

Best regards,

Neil Dickey, Ph.D.
Research Associate/Sysop
Geology Department
Northern Illinois University
DeKalb, Illinois

Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list