[Snort-users] Script to purge snort and acid databases?

Jacob, Raymond A Jr raymond.jacob at ...7622...
Tue Sep 5 11:34:56 EDT 2006


I am running base "1.2.2 (cindy)"  I want to start  fresh without having
to recreate the tables.
Is there a script that will purge the relevant tables?

Doing an ls -last *.MYD
4543712 -rw-rw----  1 mysql  mysql  4650467248 Jul 17 17:25 data.MYD
1386304 -rw-rw----  1 mysql  mysql  1418840624 Jul 14 16:20
acid_event.MYD
 301792 -rw-rw----  1 mysql  mysql   308848764 Jul 14 16:19 event.MYD
 459856 -rw-rw----  1 mysql  mysql   470626688 Jul 14 16:19 iphdr.MYD
  21280 -rw-rw----  1 mysql  mysql    21759711 Jul 14 16:19 udphdr.MYD
 175088 -rw-rw----  1 mysql  mysql   179167726 Jul 14 01:08 icmphdr.MYD
  84208 -rw-rw----  1 mysql  mysql    86161620 Jul 13 21:44 tcphdr.MYD
  14608 -rw-rw----  1 mysql  mysql    14930292 Jul 13 21:43 opt.MYD
     16 -rw-rw----  1 mysql  mysql       15448 Jul 12 11:20
signature.MYD
      8 -rw-rw----  1 mysql  mysql        6929 Jul  4 22:57
sig_reference.MYD
     12 -rw-rw----  1 mysql  mysql       11088 Jul  4 22:56
reference.MYD
      2 -rw-rw----  1 mysql  mysql         556 Jun  5 18:59
sig_class.MYD
      2 -rw-rw----  1 mysql  mysql         160 Apr 21 12:29
reference_system.MYD
      6 -rw-rw----  1 mysql  mysql        4836 Apr 18 18:30
acid_ip_cache.MYD
      2 -rw-rw----  1 mysql  mysql          84 Mar  2  2006 sensor.MYD
      0 -rw-rw----  1 mysql  mysql           0 Mar  2  2006 acid_ag.MYD
      0 -rw-rw----  1 mysql  mysql           0 Mar  2  2006
acid_ag_alert.MYD
      0 -rw-rw----  1 mysql  mysql           0 Mar  2  2006
base_roles.MYD
      0 -rw-rw----  1 mysql  mysql           0 Mar  2  2006
base_users.MYD
      2 -rw-rw----  1 mysql  mysql          40 Mar  2  2006 detail.MYD
      2 -rw-rw----  1 mysql  mysql          60 Mar  2  2006 encoding.MYD
      2 -rw-rw----  1 mysql  mysql          13 Mar  2  2006 schema.MYD


So my guess is that I can run
 echo "TRUNCATE TABLE data;                " | mysql -u need_help -p now
 echo "TRUNCATE TABLE acid_event ; " | mysql -u need_help -p now
 echo "TRUNCATE TABLE event;           " | mysql -u need_help -p now
 echo "TRUNCATE TABLE iphdr;           " | mysql -u need_help -p now
 echo "TRUNCATE TABLE udphdr;         " | mysql -u need_help -p now
 echo "TRUNCATE TABLE icmphdr;       " | mysql -u need_help -p now
 echo "TRUNCATE TABLE tcphdr;         " | mysql -u need_help -p now
 echo "TRUNCATE TABLE opt;               " | mysql -u need_help -p now

And restart the sensors.
Is there anything else that I need to do?

Thank you Raymond



Thank you,
Raymond
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20060905/6c4cd029/attachment.html>


More information about the Snort-users mailing list