[Snort-users] Where's Waldo?

Paul Schmehl pschmehl_lists at ...14358...
Thu Oct 11 17:13:07 EDT 2012

--On October 11, 2012 8:58:12 PM +0100 Peter Bates <peter.bates at ...15381...> 

> Hash: SHA1
> Hello all
> On 11/10/2012 20:29, AllowOverride wrote:
>> just a test, i will clear tables, and close browser, come back in 1
>> hour increments, and see if that is the issue, it takes an hour to
>> input new data after base clear table buttons have cleared. im
>> assume there is a switch in the configs to make it quicker.
> I've never personally looked for the option to clear tables in BASE
> but I can say I use a script called archivesnort.pl which moves alerts
> after 7 days to the archive DB and deletes them after 30.
Are you serious?  I wrote that thing about 8 years ago.  I can't believe 
anybody is still using it.  Hasn't the schema changed since then?  I'm 
amazed it still works.

Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson
"There are some ideas so wrong that only a very
intelligent person could believe in them." George Orwell

More information about the Snort-users mailing list