[Snort-users] ACID and archive database

Jorge Santos jorgesantos at ...6300...
Wed Jul 17 02:23:06 EDT 2002


Hi list

I have a working snort 1.8.6 that outputs to a mysql database. To
analyse the alerts I use acid-0.9.6b21. When I try to move alerts, for
the first time in a session, to the archive database, all the alerts are
moved fine. But if I try to move, say, 500 alerts after I moved the first
ones, the alert database says it moved the 500 alerts, but the archive
database only shows about 100 new ones.

I created the DBs with exactly the same script that comes with the snort
distribution.

What can possibly be wrong?

Thanks in advance

--
   \_/      Jorge Alexandre Santos
   'v'      jorgesantos at ...6300...
  // \\     Tel : 212327300
 /(   )\    Fax : 212327301
  ^`~´^     Valnet Sado S.A. 





