[Snort-users] Snort DB: move / copy alerts from one DB to another?
secsnort at ...5528...
Mon Jul 29 15:37:03 EDT 2002
My suggestion would be to create another database say snort2, copy the data
that you interested into that database, then move the files to your other db
server then copy the data back into the snort database. You can also use
mysql dump instead of copying the data. If you don;t have a handy dba to
help with the sql drop me a line and I will try and help
----- Original Message -----
From: "Moyer, Shawn" <SMoyer at ...5894...>
To: <snort-users at lists.sourceforge.net>
Sent: Monday, July 29, 2002 4:21 PM
Subject: [Snort-users] Snort DB: move / copy alerts from one DB to another?
> ### This isn't addressed anywhere I can find, and since I'm not much of a
> DBA, I thought I'd ask to the list before I try to figure it out on my
> I've recently moved one of my sensors from a local MySQL DB to a remote
> via stunnel. When I did this, I went ahead and just tar'd up the Snort DB
> and scp'd it to the other box, which worked like a charm.
> One snag, tho: the box was rebooted unexpectedly and the old MySQL
> came up locally on the sensor, with the local MySQL listening on
> 127.0.0.1:3306, which was the same socket I was using with stunnel, and
> since the MySQL init was before the stunnel one, for a few days the sensor
> was logging to the local DB instead of to the remote one.
> At this point I've got around 1000+ alerts I need to move over from the
> local to the remote DB, from approximately 07/23/2002 to 07/29/2002. Can
> anyone give me a hand with some SQL to pull this off?
> This sf.net email is sponsored by: Dice - The leading online job board
> for high-tech professionals. Search and apply for tech jobs today!
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
More information about the Snort-users