Re: [Snort-users] Question on database for Snort

From: Michael Anderson <mca(at)arlut.utexas.edu>
Date: Mon Mar 31 2003 - 16:45:58 EST

Just curious, are you querying the standard snort database or are you loading the snort data into a specialized database? And by any chance are you going to make your tool available to the public or is it proprietary?

Thanks,
Mike

>I have never tested PostgreSQL, so I can't speak to that, but I *can*
>address one of your points above. We are presently querying a mysql
>database with 8 million alerts in it, using a web-based interface that
>we are designing, and we are getting response times of under 3 seconds.
>
>I think the response time of any front end to a database has a lot more
>to do with how the queries are constructed than a lot of people
>realize. For example, a similar query using ACID takes about 680
>seconds on a database with 1.5 million alerts in it.
>
>
>

---

This SF.net email is sponsored by: ValueWeb: Dedicated Hosting for just $79/mo with 500 GB of bandwidth! No other company gives more support or power for your dedicated server http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/

---

Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users Received on Mon Mar 31 16:53:34 2003