[Snort-users] Unique alerts for searched time periods in ACID?

wfenwick at ...4447... wfenwick at ...4447...
Wed Mar 20 12:48:21 EST 2002


Hello folks,

Last week I had a dumb question that wasn't that dumb. PHP has an optional
php.ini file that was changed and turned off a couple of things that you
must have for ACID's session states to be carried. When these are set off
in the "optimized php.ini" that comes with the php distro, it will cause
pain within ACID when doing things like getting last month's unique alerts.

198c198 
< register_globals      =       On              ; Whether or not to register the EGPCS variables as global
--- 
> register_globals      =       Off             ; Whether or not to register the EGPCS variables as global
204c204 
< register_argc_argv    =       On              ; This directive tells PHP whether to declare the argv&argc
---
> register_argc_argv    =       Off             ; This directive tells PHP whether to declare the argv&argc

It might not be both parameters, but I made these changes atomically and I'll
get killed if I restart Apache one more time... :)

W

-------
Original Message by me:
-------
     Hi folks,

     Within ACID, is there a (new) way to get unique alerts that are bound by 
     search criteria? I seem to recall this functionality being available
     by searching on a set of data and getting the list, then clicking
     Unique Alerts, and that current search view would be "uniquified".

     Was this functionality removed, or was that the day I tried that new
     mushroom soup?

     W




More information about the Snort-users mailing list