[Snort-users] Archive Database in ACID
Lawrence.Reed at ...1444...
Thu Jan 23 07:22:02 EST 2003
I saw this problem also. Go to "application cache and status" from the
main page, then click "rebuild alert cache". This worked for me.
Counselman, Chris Contractor/Sverdrup wrote:
> I am running RedHat 8.0, snort 1.9.0, and ACID .9.6b22 logging to a
> mysql database.
> I have two acid directories, one to connect to the alert database and
> one to connect to the archive database.
> I am trying to move current alerts to the archive database. I set up
> everything and can move or copy alerts to the archive database once
> and then view those alerts. When I try to move or copy alerts again, it
> says successful move to the archive, but when I go to the archive
> instance of ACID, the main screen actually updates the TCP/ICMP/UDP
> graphs to reflect the extra data, but I cannot see the data anywhere
> else. It does not say new alerts added, and the new alerts do not
> show up anywhere but the graph.
Larry Reed Lawrence.Reed at ...1444...
NOAA IT Security Office
PGP Public Key: http://search.keyserver.net:11371/pks/lookup?op=get&search=0x7A998772