[Snort-users] MySQL Log rotate

Jyri Hovila jyri.hovila at ...2940...
Mon Sep 10 04:31:02 EDT 2001


Hi!

>> How so I rotate the logs in MySQL? Is the best way to just delete the
rows
>> in the event table? What if I want to archive the information?

> I figure old events are not worth keeping around.  I have attached a
> Perl script I use to delete events over 30 days old.  It works with
the
> version 103 schema.  Since MySQL does not have nested queries or
foreign
> key constraints, it is pretty crufty.  Lose the "acid_ag_alert" lines
if
> you are not using Acid.

Thanks for the script David!

There's one thing I don't understand. After running the script, Acid
cache contains just as many events as it did before I ran the script.
Acid application cache status says: 

	Total Events: 504
	Cached Events: 1827

Updating the alert cache has no effect. Is the cache purged
automatically after some time or do I have to do something about it
myself?

Thanks! =)

- Jyri





More information about the Snort-users mailing list