[Snort-users] RE: Managing ACID Archive DB?

roman at ...438... roman at ...438...
Mon Nov 12 14:40:03 EST 2001


Ryan,

A patch to fix the archiving of signature references and classifications   
has been committed to CVS.

cheers,
Roman  

On Thu, 8 Nov 2001, Ryan Hill wrote:

> Apologies for replying to my own post, but I also noticed that none of the
> classification info is listed in the archive db either, in fact, it lists 
> all the attack records as unknown - is this perhaps because the archive  
> function isn't moving all the necessary data?
> 
> Thanks,
> Ryan   
> 
> >  -----Original Message-----
> > From:       Ryan Hill
> > Sent:       Thursday, November 08, 2001 12:00 PM
> > To: Snort Mailing List (E-mail)
> > Subject:    Managing ACID Archive DB?
> > 
> > All,
> > 
> > In my infinite desire to manage the heck out of my alert db's
> > in ACID, I wanted to setup an ACID console that would point  
> > to the archive DB instead of the active alert DB.  I figured 
> > this should be simple enough - I created a new dir on apache 
> > called acid_archive under the web root, and then modified the
> > acid_conf.php to point to the archive db instead of the alert
> > db.  Everything seemed to come up ok, except that in the
> > alerts section, all of the external link references are 
> > broken i.e. instead of a link to [CVE] or [bugtraq], the
> > output simply displays [] brackets.  I checked the conf file
> > again and the documentation on the ACID website to make sure
> > I haven't missed anything glaring - can anyone offer
> > assistance?  Roman, are you lurking about?



---------------------------------------------
This message was sent using Voicenet WebMail.
      http://www.voicenet.com/webmail/






More information about the Snort-users mailing list