[Snort-users] MySQL Log rotate

Jyri Hovila jyri.hovila at ...2940...
Mon Sep 10 04:31:02 EDT 2001


>> How so I rotate the logs in MySQL? Is the best way to just delete the
>> in the event table? What if I want to archive the information?

> I figure old events are not worth keeping around.  I have attached a
> Perl script I use to delete events over 30 days old.  It works with
> version 103 schema.  Since MySQL does not have nested queries or
> key constraints, it is pretty crufty.  Lose the "acid_ag_alert" lines
> you are not using Acid.

Thanks for the script David!

There's one thing I don't understand. After running the script, Acid
cache contains just as many events as it did before I ran the script.
Acid application cache status says: 

	Total Events: 504
	Cached Events: 1827

Updating the alert cache has no effect. Is the cache purged
automatically after some time or do I have to do something about it

Thanks! =)

- Jyri

More information about the Snort-users mailing list