[Snort-users] snort/Acid with Mysql archive problem

steveg steveg at ...6179...
Wed Jul 10 15:14:05 EDT 2002


ok I have been using a 2 db setup, 1 for current alerts and 1 for archives.
Worked great until I clear up all the alerts, I think I have just stumbled
on a bug, when all alerts are cleared it almost looks like acid (or snort
unsure there) restarts all the IDs
hence creating duplicates between the main and archive DB.

The questions:
Can anyone think of a way to test my theory ? (I don't want to go dig in
the table formats unless I have to).
Has anyone run into this ?
Has anyone figured out a way around it ?
Am I on drugs and I missed something stupid ?

Thanks for any input on that one.







More information about the Snort-users mailing list