Snort mailing list archives
RE: ACID And MYSQL
From: "John Ceballos-contr" <John.Ceballos-contr () TRW COM>
Date: Mon, 09 Jun 2003 17:02:38 -0400
OK. Thanks Paul! My webpage is made with ColdFusion and I can't see why I am not getting the proper info unless I log into the ACID interface. My webpage also queries the database directly. This webpage doesn't have to do anything with ACID. Anybody know if there is something I am missing when I made this page with ColdFusion? Thanks!
"Schmehl, Paul L" <pauls () utdallas edu> 06/09/03 04:55PM >>>
ACID requires the addition of four acid-specific tables to the default install of mysql. Those four tables are "filled" by ACID (by querying the snort tables) whenever you load or refresh the ACID webpage in your browser. You can delete all the data that are in those tables and ACID will "refill" them the next time you refresh your browser. The mysql database is being written to constantly by snort. The data are entered into the tables in snort that are created using the create_mysql script that comes with the default install tarball. ACID takes the data that are in those tables and uses them to build its own, completely separate tables so it can display the data in ACID's format. We have created a php page that queries the snort tables directly and returns "most frequent hits" for a configurable number of hits and a configurable time frame. It doesn't require the use of ACID at all. I also query the db directly whenever I need to get some info that ACID won't give me. It's completely possible to build your own frontend that doesn't require the ACID tables at all. All the data are in the snort tables. Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ -----Original Message----- From: John Ceballos-contr [mailto:John.Ceballos-contr () TRW COM] Sent: Monday, June 09, 2003 2:33 PM To: snort-users () lists sourceforge net Subject: [Snort-users] ACID And MYSQL Hello all! First, I was hoping if somebody can either explain to me or point to me in the right direction as to how ACID and MYSQL work. The mechanics really. I get the distinct impression that the database is not written to until somebody logs into ACID. Am I wrong on this? If so, please correct me. Second, has anybody done a webpage where it queries the MYSQL database but it doesn't return the right information until you log into ACID? IF so, how did you fix it where you don't have to log into ACID to return the correct info? Thanks all for your help! ------------------------------------------------------- This SF.net email is sponsored by: Etnus, makers of TotalView, The best thread debugger on the planet. Designed with thread debugging features you've never dreamed of, try TotalView 6 free at www.etnus.com. _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- ACID And MYSQL John Ceballos-contr (Jun 09)
- <Possible follow-ups>
- RE: ACID And MYSQL Schmehl, Paul L (Jun 09)
- RE: ACID And MYSQL John Ceballos-contr (Jun 09)
- RE: ACID And MYSQL Schmehl, Paul L (Jun 09)
- RE: ACID And MYSQL John Ceballos-contr (Jun 13)
- RE: ACID And MYSQL Schmehl, Paul L (Jun 13)
- RE: ACID And MYSQL John Ceballos-contr (Jun 13)