RE: ACID And MYSQL

["John Ceballos-contr" <John.Ceballos-contr () TRW COM>]

OK. Thanks Paul!

My webpage is made with ColdFusion and I can't see why I am not getting the proper info unless I log into the ACID 
interface. My webpage also queries the database directly. This webpage doesn't have to do anything with ACID. Anybody 
know if there is something I am missing when I made this page with ColdFusion? Thanks!

> > > "Schmehl, Paul L" <pauls () utdallas edu> 06/09/03 04:55PM >>>
ACID requires the addition of four acid-specific tables to the default
install of mysql.  Those four tables are "filled" by ACID (by querying
the snort tables) whenever you load or refresh the ACID webpage in your
browser.  You can delete all the data that are in those tables and ACID
will "refill" them the next time you refresh your browser.

The mysql database is being written to constantly by snort.  The data
are entered into the tables in snort that are created using the
create_mysql script that comes with the default install tarball.  ACID
takes the data that are in those tables and uses them to build its own,
completely separate tables so it can display the data in ACID's format.

We have created a php page that queries the snort tables directly and
returns "most frequent hits" for a configurable number of hits and a
configurable time frame.  It doesn't require the use of ACID at all.

I also query the db directly whenever I need to get some info that ACID
won't give me.  It's completely possible to build your own frontend that
doesn't require the ACID tables at all.  All the data are in the snort
tables.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 

-----Original Message-----
From: John Ceballos-contr [mailto:John.Ceballos-contr () TRW COM] 
Sent: Monday, June 09, 2003 2:33 PM
To: snort-users () lists sourceforge net 
Subject: [Snort-users] ACID And MYSQL


Hello all!

First, I was hoping if somebody can either explain to me or point to me
in the right direction as to how ACID and MYSQL work. The mechanics
really. I get the distinct impression that the database is not written
to until somebody logs into ACID. Am I wrong on this? If so, please
correct me.

Second, has anybody done a webpage where it queries the MYSQL database
but it doesn't return the right information until you log into ACID? IF
so, how did you fix it where you don't have to log into ACID to return
the correct info? Thanks all for your help!



-------------------------------------------------------
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users