Re: Wipe out Snort database

[Paul Schmehl <pauls () utdallas edu>]

--On Saturday, October 04, 2003 1:59 PM +0400 Egal A Egal - SA 
<egale () comtrust ae> wrote:
> I was wondering if someone could tell me what steps I need to take to
> "zero" my event database..! I tried wiping out the Events tables but that
> did not work. I would like to wipe everything (snort databse) and make it
> look like I have just installed it.

Login to snort and drop and recreate the database:

% mysql -u root -p
After you login:

# drop database snort;
# create database snort;
# quit;

Recreate the tables for the new database:

% mysql -u root -p snort < /path/to/create_mysql
(Type root's password again.)

Restart snort:

% /etc/rc.d/init.d/snort restart
(I'm assuming this is where it would be in RedHat.  I use FreeBSD.)

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users