Snort mailing list archives
HOW TO archive alerts using ACID on a different DB???
From: "Bruno Sicchieri" <bsicchieri () hotmail com>
Date: Fri, 06 Dec 2002 08:58:05 -0200
Hi,I'm trying to archive alerts on a different db (not my current db for ACID) with no sucess!
My system is: RedHat 7.3 Snort 1.8.7 MySQL 3.23.52-1 ACID 0.9.6b21 ACID is current archiving alerts on db "snort" using the user "snort" I want to archive all alerts from November on db "snort_nov", so I created the db "snort_nov" and created the same schema as "snort" using the create_mysql script. Then connected on "snort_nov" db and made this: mysql> grant CREATE, INSERT, SELECT, DELETE, UPDATE on snort_nov.* to snort; mysql> grant CREATE, INSERT, SELECT, DELETE, UPDATE on snort_nov.* to snort@localhost; mysql> flush privileges; mysql> exit; Then I updated the $archive_dbname, $archive_host, $archive_user, $archive_password, $archive_port variables in the ACID configuration file acid_conf.php to reference the archive database "snort_nov". So I runned the query which contains the alerts to be archived (all alerts from November). At the bottom of the query results in the 'Action' box no matter if a choose "Archive -- copy" or "Archive -- move" or the other 'Action' buttons (Selected, ALL on Screen or Entire Query) I've got this: ----------------------------- Added 0 alert(s) to the Alert cache Ignored 50 duplicate alert(s) No alerts were selected or the ARCHIVE-move was not successful ------------------------------ PS.: I tested all combinations with no sucess. The text-box following the combo-box was left blank. Anyone could help me please??? Thanks, Bruno. _________________________________________________________________MSN Messenger: converse com os seus amigos online. http://messenger.msn.com.br
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- HOW TO archive alerts using ACID on a different DB??? Bruno Sicchieri (Dec 09)