LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices



Reply
 
Search this Thread
Old 01-12-2006, 12:48 AM   #1
logicalfuzz
Member
 
Registered: Aug 2005
Distribution: Arch Linux
Posts: 291

Rep: Reputation: 41
Snort database growing large; how to use mysql to delete?


i have installed SNORT+mysql+Acid+PHP on my redhat machine. my database has grown very large (with false positives), due to which it takes a long time to access the ACID console. I had read mysql a bit to setup snort, but dont know the intricacies of it. As the database is fairly distributed across many tables, i am not able to find a way to delete certain sections of it across the complete database (eg. i want to delete everything that has the signature of portscan). What command do i use for this? I know this is possible with the acid console, but wanted to try this at the command line as my acid page stops responding when i use the 'delete' option on the page. Any pointers to relevent text wld also be helpful.
TIA
 
Old 01-12-2006, 07:14 PM   #2
bigrigdriver
LQ Addict
 
Registered: Jul 2002
Location: East Centra Illinois, USA
Distribution: Debian Squeeze
Posts: 5,805

Rep: Reputation: 324Reputation: 324Reputation: 324Reputation: 324
If you have the MySQL Reference Manual, see section 3.3.4.9 Using More Than One Table, section 14.1.7 Select, and section 14.2.7 Drop Index. You should be able to work out the command syntax from those three sections.

Basically, open all tables with the Portscan value, Select those items with a Portscan value, and Drop Index to drop them from the tables.

Last edited by bigrigdriver; 01-12-2006 at 07:16 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Snort database: Closing connection to database "" Homer Glemkin Linux - Security 2 07-14-2005 07:58 PM
Snort Database Help roastmules Linux - Security 2 02-24-2005 02:05 PM
snort with mysql database zuessh Linux - Security 4 10-18-2004 01:36 AM
Growing MySQL footprint robbiemorgan Linux - Newbie 3 09-22-2004 09:37 AM
Transfering a large MySql database E-Oreo Programming 3 06-04-2004 08:15 AM


All times are GMT -5. The time now is 06:52 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration