[Snort-users] import historical data into ACID?
ceidem at ...5503...
Wed Aug 7 08:57:07 EDT 2002
> I'm trying out ACID and have got everything working, with the
> since I just installed it I have no data to run any useful
> queries. Though I
> have a year's worth of Snort logs. Is there any way I can
> bring these logs
> into the MySQL database so I can run some queries against
> data for the last
set up a snort.conf to log to mysql:
output database: log, mysql, user=snort password=snort dbname=snort
output database: alert, mysql, user=snort password=snort dbname=snort
then go to the directory where your logs are and run this:
for i in snort-*log; do snort -A none -c <path/to/snort.conf>snortmysql.conf -dr "$i"; done
this should fill your database up quite nicely...
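
A variant of the loop above that can be re-run safely, as an added example that is not part of the original post: it records each log file that snort read successfully, so a second run does not replay it into the database again. The names replay_logs, SNORT_BIN, SNORT_CONF and STATE_FILE, and the default config path, are assumptions.

```shell
#!/bin/sh
# Added example: replay saved Snort binary logs once each.
# Hypothetical names (not from the original post): replay_logs,
# SNORT_BIN, SNORT_CONF, STATE_FILE. The default config path is assumed.
# Usage: replay_logs /path/to/log/directory

SNORT_BIN="${SNORT_BIN:-snort}"
SNORT_CONF="${SNORT_CONF:-/etc/snort/snortmysql.conf}"
STATE_FILE="${STATE_FILE:-.replayed}"

# replay_logs DIR: run snort over every snort-*log file in DIR that has
# not been imported by an earlier run. Prints the number of files
# imported on this run; returns 2 if DIR or the state file is unusable.
replay_logs() {
    dir=$1
    count=0
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
    touch "$STATE_FILE" || return 2
    for f in "$dir"/snort-*log; do
        [ -f "$f" ] || continue    # glob matched nothing
        [ -s "$f" ] || continue    # skip empty capture files
        # Already recorded as imported: do not replay it again.
        if grep -qxF -- "$f" "$STATE_FILE"; then
            continue
        fi
        # Same flags as the loop in the post: no alert file, packet
        # payload decoded, input read from the saved log.
        if "$SNORT_BIN" -A none -c "$SNORT_CONF" -dr "$f" >/dev/null 2>&1; then
            printf '%s\n' "$f" >> "$STATE_FILE"
            count=$((count + 1))
        else
            # Not recorded, so the next run tries this file again.
            echo "snort failed on $f" >&2
        fi
    done
    echo "$count"
}
```

Files are tracked by the path as given, so call it with the same directory argument each time.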