Cannot archive alerts (ACID)

[Jeff Workman <jworkman () pimpworks org>]

ACID Version: 0.9.6b23
Schema version: 106
PostgreSQL version: 7.4

I cannot get ACID to archive my alerts.  I created both the snort and the 
archive database at the same time, with the same permissions for the snort 
user, but I get the following SQL error when I try to archive:

Archive error:Database ERROR:ERROR: insert or update on table "iphdr" 
violates foreign key constraint "iphdr_fkey_sid_cid" DETAIL: Key 
(sid,cid)=(2,276) is not present in table "event".
INSERT INTO iphdr (sid,cid, ip_src, ip_dst, 
ip_ver,ip_hlen,ip_tos,ip_len,ip_id,ip_flags, 
ip_off,ip_ttl,ip_proto,ip_csum) VALUES (2, 276, '3396030466', 
'202676840','4','5','0','404','27500','0','0','112','17','7427')


INSERT INTO iphdr (sid,cid, ip_src, ip_dst, 
ip_ver,ip_hlen,ip_tos,ip_len,ip_id,ip_flags, 
ip_off,ip_ttl,ip_proto,ip_csum) VALUES (2, 276, '3396030466', 
'202676840','4','5','0','404','27500','0','0','112','17','7427')

Ignored 1 duplicate alert(s)

No alerts were selected or the ARCHIVE-copy was not successful

-Jeff
--
Jeff Workman | jworkman () pimpworks org | http://www.pimpworks.org


-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users