[Snort-users] Snort Archive Database Creation Script
alejandro.flores at ...11361...
Sat Jul 31 04:58:03 EDT 2004
A mysql database is a directory where each table is a file. In an ugly
way, you can stop your mysql, go to your databases directory
(/var/lib/mysql in redhat/fedora), rename your database (mv snort
snort-archive), start mysql and recreate the original database. Remember
to grant privileges to your 'new' database.
(I do not recommend you do this!)
There's a tool called 'mysqlhotcopy' that I guess will fit your needs.
It comes with MySQL, so you can check the documentation with: perldoc
mysqlhotcopy or pointing your browser to:
> Hi all. Don't know if this question has been asked before. I wasn't
> able to find too much on google or the list archive.
> I would like to be able to archive events picked up by my snort IDSs.
> Now, I know that ACID has this functionality. But I also know that
> you have to have the database backend. Does anyone know if 1) the DB
> setup script that comes with the snort package will work for the
> "snort-archive" db? or 2) if there's a snort-archive db setup script
> that I missed in the package? or 3) is there a 3rd-party script
> somewhere out there in userland? I'm not the most savvy mysql DBA, so it
> would be non-trivial for me to try to set up the db myself.
> Any guidance would be appreciated.