[Snort-users] Acid database lost events, help!!!

Brei, Matt mbrei at ...8727...
Wed May 21 07:46:07 EDT 2003

I have been running snort for about 4 months.  The Snort db had about
12000 alerts and the archive db had about 19000.  I moved all of the
alerts from April to the archive db, ACID said it successfully moved
8000 alerts, which SHOULD leave me with about 4000 in the main db and
27000 in the archive db.  The archive db only has about 20000 and the
main db is now empty.  The strange thing is, in the mysql db directory,
none of the main Snort db file sizes got any smaller and the archive
files grew in size.  What happened to the alerts?


Snort 1.9.1 on Redhat 7.2 alerts to

ACID v0.9.6b23, MySQL 3.23.56, Apache 2.0.45 on RedHat 8


Matt Brei


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20030521/7a9cc7b2/attachment.html>

More information about the Snort-users mailing list