[Snort-users] SnortSnarf performance

Siddhartha Jain s_i_d_j at ...131...
Mon Mar 26 18:03:50 EST 2001


Hi,

I am using SnortSnarf-111500.1 to generate reports from 'alert' produced by
Snort. The problem is SnortSnarf takes too much memory and time to produce
the html once the alert file grows too large. I am running SnortSnarf on a
E220R (Dual UltraSparc-450MHz with 1GB RAM). I run SnortSnarf every half an
hour thru' cron but once the size of the alert file grows above 50 MB,
snortsnarf takes more than half an hour to end so the html is almost always
unaccessible thru' the web server. How do i help the reporting process? My
alert file grows to >50MB in just a couple of days. This is how i run snort,

./snort -D -de -C -i hme1 -l ../log -c ../conf/snort.conf

TIA,

Siddhartha



_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com





More information about the Snort-users mailing list