[Snort-users] RE: Managing ACID Archive DB?
rhill at ...2446...
Thu Nov 8 17:08:09 EST 2001
Apologies for replying to my own post, but I also noticed that none of the
classification info is listed in the archive db either; in fact, it lists
all the attack records as unknown - is this perhaps because the archive
function isn't moving all the necessary data?
> -----Original Message-----
> From: Ryan Hill
> Sent: Thursday, November 08, 2001 12:00 PM
> To: Snort Mailing List (E-mail)
> Subject: Managing ACID Archive DB?
> In my infinite desire to manage the heck out of my alert db's
> in ACID, I wanted to set up an ACID console that would point
> to the archive DB instead of the active alert DB. I figured
> this should be simple enough - I created a new dir on apache
> called acid_archive under the web root, and then modified the
> acid_conf.php to point to the archive db instead of the alert
> db. Everything seemed to come up ok, except that in the
> alerts section, all of the external link references are
> broken i.e. instead of a link to [CVE] or [bugtraq], the
> output simply displays  brackets. I checked the conf file
> again and the documentation on the ACID website to make sure
> I haven't missed anything glaring - can anyone offer
> assistance? Roman, are you lurking about?
> Using ACID b17 on PHP 4.0.6 w/ MySQL 3.23.42 and Snort 1.8.1 on RH 7.1