[Snort-users] Where's Waldo?

Paul Schmehl pschmehl_lists at ...14358...
Thu Oct 11 17:13:07 EDT 2012


--On October 11, 2012 8:58:12 PM +0100 Peter Bates <peter.bates at ...15381...> 
wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> Hello all
>
> On 11/10/2012 20:29, AllowOverride wrote:
>> just a test, i will clear tables, and close browser, come back in 1
>> hour increments, and see if that is the issue, it takes an hour to
>> input new data after base clear table buttons have cleared. im
>> assume there is a switch in the configs to make it quicker.
>
> I've never personally looked for the option to clear tables in BASE
> but I can say I use a script called archivesnort.pl which moves alerts
> after 7 days to the archive DB and deletes them after 30.
>
Are you serious?  I wrote that thing about 8 years ago.  I can't believe 
anybody is still using it.  Hasn't the schema changed since then?  I'm 
amazed it still works.

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson
"There are some ideas so wrong that only a very
intelligent person could believe in them." George Orwell





More information about the Snort-users mailing list