Latest LQ Deal: Linux Power User Bundle
Go Back > Forums > Linux Forums > Linux - Software
User Name
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.


  Search this Thread
Old 01-12-2006, 12:48 AM   #1
Registered: Aug 2005
Distribution: Arch Linux
Posts: 291

Rep: Reputation: 47
Snort database growing large; how to use mysql to delete?

i have installed SNORT+mysql+Acid+PHP on my redhat machine. my database has grown very large (with false positives), due to which it takes a long time to access the ACID console. I had read mysql a bit to setup snort, but dont know the intricacies of it. As the database is fairly distributed across many tables, i am not able to find a way to delete certain sections of it across the complete database (eg. i want to delete everything that has the signature of portscan). What command do i use for this? I know this is possible with the acid console, but wanted to try this at the command line as my acid page stops responding when i use the 'delete' option on the page. Any pointers to relevent text wld also be helpful.
Old 01-12-2006, 07:14 PM   #2
LQ Addict
Registered: Jul 2002
Location: East Centra Illinois, USA
Distribution: Debian stable
Posts: 5,898

Rep: Reputation: 353Reputation: 353Reputation: 353Reputation: 353
If you have the MySQL Reference Manual, see section Using More Than One Table, section 14.1.7 Select, and section 14.2.7 Drop Index. You should be able to work out the command syntax from those three sections.

Basically, open all tables with the Portscan value, Select those items with a Portscan value, and Drop Index to drop them from the tables.

Last edited by bigrigdriver; 01-12-2006 at 07:16 PM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Snort database: Closing connection to database "" Homer Glemkin Linux - Security 2 07-14-2005 07:58 PM
Snort Database Help roastmules Linux - Security 2 02-24-2005 02:05 PM
snort with mysql database zuessh Linux - Security 4 10-18-2004 01:36 AM
Growing MySQL footprint robbiemorgan Linux - Newbie 3 09-22-2004 09:37 AM
Transfering a large MySql database E-Oreo Programming 3 06-04-2004 08:15 AM > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 12:19 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration