[Snort-users] Alert caching for ACID as a cron job

Italo Antonio imigotto at ...3348...
Mon Sep 17 11:59:02 EDT 2001


What if you add "lynx -dump 10.10.10.10/acid/acid_main.php >> /dev/null"
to the crontab?

"Reeves, Michael (GEAE, Compaq)" wrote:

> Yea.. But that wouldn't be as cool...  :)
>
> Mike
>
> -----Original Message-----
> From: Steve Halligan [mailto:agent33 at ...187...]
> Sent: Monday, September 17, 2001 1:59 PM
> To: 'Reeves, Michael (GEAE, Compaq)';
> 'snort-users at lists.sourceforge.net'
> Subject: RE: [Snort-users] Alert caching for ACID as a cron job
>
> > I have a sensor that sits on a 100mbit pipe and I get TONS of events. The
> > problem I am running into is that each day when I get in I have to wait for
> > it to cache a few hundred thousand events. Looking into the alert_cache.inc
> > I see the code but I don't have an environment to test it. (I had to fight
> > for the Linux boxes I have now) Does anyone have a shell script that does
> > this already that you run as a cron job? I want to run one every 15 minutes
> > or so.. Any info would be great..
> >
>
> You could just leave the Last XX alerts page open on a machine.  It
> refreshes, and therefore populates the cache, every x seconds.
>
> -Steve
>




