Snort Database Maintenance
175
5.3 Snort Database Maintenance
From time to time, you need to perform some operations on the database to keep it
running efficiently. Table optimization enhances the database efficiency. You can opti
mize individual tables using the optimize command. The following command optimizes
the data table.
mysql> optimize table data;
+ + + + +
| Table | Op | Msg_type | Msg_text |
+ + + + +
| snort.data | optimize | status | OK |
+ + + + +
1 row in set (58.10 sec)
mysql>
You can create a script to optimize all tables. For this purpose, save the following
commands in a file optimize.sql.
optimize table data;
optimize table detail;
optimize table event;
optimize table icmphdr;
optimize table iphdr;
optimize table opt;
Use the following command to run this script:
mysql h localhost u rr prr78x snort < optimize.sql
I have not used all table names in the script. You can use all table names by creat
ing additional lines if you like.
You should set this command as a cron job to run everyday so that the database is
optimized every 24 hours.
5.3.1
Archiving the Database
If your database grows very large, you may want to archive it. One method is to
back up the database, drop it and recreate a new database. Another way is to back up the
existing data into archive tables and then clean these tables. Some scripts are available
at http://www.dirk.demon.co.uk/utils/ for this purpose. Please download the scripts
from this web site and read the text file that comes with them for more information.
footer
Our partners:
PHP: Hypertext Preprocessor Cheap Web Hosting
JSP Web Hosting
Ontario Web Hosting
Jsp Web Hosting
Cheapest Web Hosting
Java Hosting
Cheapest Hosting
Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved