[Snort-users] Script to move alerts from snort db to snort_archive db

Erick Mechler emechler at ...7719...
Tue Dec 17 17:08:21 EST 2002


:: I was wondering if someone has a script to perform the move from the
:: snort db to snort_archive db much like ACID does. I just want to be able
:: to do it via a script instead of using the front end. Anybody?

I don't, but if you enable the SQL trace feature of ACID while archiving
some alerts, you should be able to figure out what SQL is necessary to do
this and then write your own script.

Or you can wait to see if someone else has already done this for you :)

Cheers - Erick



