[Snort-users] ACID/SQL performance issues
Jim.Howard at ...2728...
Wed Oct 3 11:47:04 EDT 2001
Hi folks, just wondered if there was anyone addressing the performance of
the SQL calls from ACID. I have a 200,000 entry snort database in MySQL.
Of this, some 90k are from nimda infected machines (not my own thankyou.).
I changed the timeout value from the default 30 seconds to 3600 (yes, 1
hour), and it is still timing out when trying to manipulate this sql call.
I am trying to take these records and move them to the archive database. I
also tried just plain deleting them. Both fail. I optomized all the tables
before trying, as well. I haven't added any of the optional indexes, as I
am fairly new to MySQL, and haven't had time to look up how to add them..
would this help?
The machine is a P-II 350mhz with 256 meg RAM, running snort 1.8.1, MySQL,
and ACID b13. I saw one other post where the person wrote some of their own
SQL, just to make sure it wasn't a problem in MySQL. I really like the ACID
interface, for presentation, and ease of use... Is there anything we can do
to increase performance? I would be willing to donate some testing time if
it would help. I don't know a lot of SQL though.
MySQL Ver 11.15 Distrib 3.23.41
More information about the Snort-users