[Snort-users] Snort & Oracle
Kreimendahl, Chad J
Chad.Kreimendahl at ...4716...
Fri Mar 1 08:22:04 EST 2002
We use Oracle 9i (9.0.1) on solaris 8... We've written a management tool of
our own that allows us to do configuration of the sensors as well. My major
suggestion is that if you plan on doing a fair amount of reporting or
queries on the database, that you index the hell out of it. Specifically,
any column in a table that links (joins) to another table, could be sorted
or searched upon, should be indexed. I'm not sure how much you know of
oracle, but depending on how much data you plan on having, and how often
you'll clean it up, you may want to consider using separate disk on which to
put your tablespace. And if it's even heavier use, separating logs
(rollback and the like) onto even another disk.
Then again, we're paranoid...
From: Dan McIntosh [mailto:d.mcintosh at ...3338...]
Sent: Thursday, February 28, 2002 6:27 PM
To: Snort-users at lists.sourceforge.net
Subject: [Snort-users] Snort & Oracle
I plan to configure snort to log to an Oracle 8.17 (Linux) database. I
would be interested if anyone else is doing this and if they have any
suggestions, pointers or can point me to any FAQs, etc.
Also, are there any tools (like Acid) that work with snort data in
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
More information about the Snort-users