[Snort-users] Deleting data from Snort DB

sekure sekure at ...11827...
Tue Jul 27 05:36:14 EDT 2004


IIRC, you'd have to delete data from event, data, iphdr, and depending
on whether the packet is TCP, UDP, or ICMP, tcphdr, udphdr, and
icmphdr.  As far as ACID goes, I am not sure, but it's likely you'll
need to clean those tables as well...


----- Original Message -----
From: Jeff Heckart <jheckart at ...12186...>
Date: Tue, 27 Jul 2004 07:37:29 -0400
Subject: [Snort-users] Deleting data from Snort DB
To: snort-users at lists.sourceforge.net




Hello,

 

I am trying to rid old data from my snort/acid MySQL database.  I have
looked around and the only method that I have found is by way of the
ACID interface.  I would like to delete based on time through the
MySQL client.  Is there a script around that does this, or what tables
would I need to delete data from based on time?

 

Thanks.




More information about the Snort-users mailing list