|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: McGuire, Dennis (dmcguire_at_brierley.com)
Date: Tue Jan 28 2003 - 20:26:01 CST
> How long does it take for the search page to come up (even in
> a partial state)? How big is the Snort data table on your
> disk? I've seen problems with ACID where you try to remove
> old alerts, but it only removes the alert entry from the
> acid_alert table, not the data table. As such, when I
> thought I was cleaning out old stuff I really had a data
> table that wasn't getting cleaned out.
>
> This data inconsistentcy that seems to present itself with
> large tables is
> fairly worrisome which is why I'm writing a small DBI script
> to remove old
> alerts entirely.
>
> Cheers - Erick
>
Erick,
- The Search page loads in les than 1 second.
- The snort data table is:
[root
dalog02 snort]# ls -la /var/lib/mysql/snort/data*
-rw-rw---- 1 mysql mysql 8614 Aug 12 06:14
/var/lib/mysql/snort/data.frm
-rw-rw---- 1 mysql mysql 56239460 Jan 28 20:31
/var/lib/mysql/snort/data.MYD
-rw-rw---- 1 mysql mysql 692224 Jan 28 20:31
/var/lib/mysql/snort/data.MYI
Dennis
-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]