Snort mailing list archives

Previous By Date Next
Previous By Thread Next

300,000 alerts in Database from spp_asn1

From: Nicholas Bachmann <nbachmann () mail davison k12 mi us>
Date: Fri, 25 Oct 2002 19:10:20 -0400
Through some weirdness, spp_asn1 on Snort 1.9 has flooded my PostgreSQL database with over 300,000 alerts (which seem to be false-positive, or at least not malicious), which has not made the DB very happy :-). The actual probem is peripheral to my actual question, but I'm sure somebody is interested; I will provide details on or off list. My questions is this: how does one go about deleting those 300,000 alerts. Just doing a delete in ACID doesn't cut it; I left it deleting over a weekend and that didn't work (probably timed out) and while deleting no alerts are able to be added to the database, and I can't check it anyway (transaction block?). 
   Any ideas?

--
        Regards,
        Nick

        Nicholas Bachmann, SSCP
        Tech Department
        Davison Community Schools






-------------------------------------------------------
This sf.net email is sponsored by: Influence the future of Java(TM) technology. Join the Java Community Process(SM) (JCP(SM)) program now. http://ads.sourceforge.net/cgi-bin/redirect.pl?sunm0004en 
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: