[Snort-users] Alert caching for ACID as a cron job
agent33 at ...187...
Mon Sep 17 11:00:03 EDT 2001
> I have a sensor that sits on a 100mbit pipe and I get TONS of
> events. The
> problem I am running into is that each day when I get in I
> have to wait for
> it to cache a few hunderd thousand events. Looking into the
> I see the code but I don't have an environment to test it. (I
> had to fight
> for the linux boxes I have now) Does anyone have a shell
> script that does
> this already that you run as a cron job? I want to run one
> every 15 minutes
> or so.. Any info would be great..
You could just leave the Last XX alerts page open on a machine. It
refreshes, and therefore populates the cache, every x seconds.
More information about the Snort-users