[Snort-users] RE: Managing ACID Archive DB?

Ryan Hill rhill at ...2446...
Thu Nov 8 17:08:09 EST 2001


Apologies for replying to my own post, but I also noticed that none of the
classification info is listed in the archive DB either; in fact, it lists
all the attack records as unknown - is this perhaps because the archive
function isn't moving all the necessary data?

Thanks,
Ryan

>  -----Original Message-----
> From: 	Ryan Hill  
> Sent:	Thursday, November 08, 2001 12:00 PM
> To:	Snort Mailing List (E-mail)
> Subject:	Managing ACID Archive DB?
> 
> All,
> 
> In my infinite desire to manage the heck out of my alert DBs 
> in ACID, I wanted to set up an ACID console that would point 
> to the archive DB instead of the active alert DB.  I figured 
> this should be simple enough - I created a new dir on Apache 
> called acid_archive under the web root, and then modified the 
> acid_conf.php to point to the archive DB instead of the alert 
> DB.  Everything seemed to come up OK, except that in the 
> alerts section, all of the external link references are 
> broken, i.e. instead of a link to [CVE] or [bugtraq], the 
> output simply displays [] brackets.  I checked the conf file 
> again and the documentation on the ACID website to make sure 
> I haven't missed anything glaring - can anyone offer 
> assistance?  Roman, are you lurking about?
> 
> Using ACID b17 on PHP 4.0.6 w/ MySQL 3.23.42 and Snort 1.8.1 on RH 7.1




