[Snort-users] Snort Overloading BASE?
wchan at ...14702...
Wed Feb 3 23:31:52 EST 2010
If your running BASE on Apache consider migrating to Lighttpd instead.
It's quite a bit faster when you have lots of events/records.
From: James Chase [mailto:chase1124 at ...11827...]
Sent: Wednesday, January 20, 2010 10:25 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Snort Overloading BASE?
I'm running snort-2.8.5-1 on CentOS 5.4 and collecting snort alerts to a
database with barnyard2. The problem is snort seems to be generating so
many alerts that whenever I load the BASE page it takes 5 or 10 minutes
to display! I believe it is just processing the new alerts but it really
makes the system unusable.
Is there anything that can be done to clear out the DB of old alerts
automatically or anyone else that has experienced this problem?
"Beware of all enterprises that require new clothes."
-- Henry David Thoreau
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users