What is the recommended way to create the BASE archive database? Is there schema file that can be used to create the acid and base tables needed for archiving?
well, for example, this way:
mysql> create database snort_archive;
mysql> use snort_archive;
mysql> source /usr/local/src/snort-2.8.1/schemas/create_mysql;
mysql> GRANT CREATE, INSERT, SELECT, DELETE, UPDATE on snort_archive.* to "base"@"localhost";
And after having done this, delete base_conf.php and rerun the BASE setup routine.
Thank you for the response Juergen, however I had already don't this. This does not create the Acid and Base tables:(acid_ag, acid_ag_aleart, acid_event, acid_ip_cache, base_roles, base_users), all of which are needed by BASE to perform archiving. BASE automatically adds these tables to the Snort db when you click 'setup' the first you open BASE in your browser. I used MySQL Admin and copied those tables over from the Snort db to the Snort_Archive db and I am now able to archive. Just thought there possibly was a BASE schema already created that had these tables defined that could be used to create them like the Snort schema. I thought I may have been overlooking it, or should have had the archive database setup before running BASE for the first time. I know you are aware of all of this already, just thinking out loud to show my process. If I am astray with my thinking, please let me know.