[Sguil-users] More noob questions
Status: Beta
Brought to you by:
bamm
Menu
▾
▴
[Sguil-users] More noob questions
|
From: Paul S. <pa...@ut...> - 2005-01-27 00:01:59
|
Now that I'm using the right sancp.conf file, I've determined that we will generate approximately 3GB of data/day. Will all 3GB be put into the db? Or will only some portion of that go into the db? Will sguil work with MS SQL or postgressql or Oracle? (We can do the conversions - if there are any - to create the tables and values - I'm wondering if the query structure or something else that I haven't thought about won't "translate".) I noticed, during the install of sancp, that it's obviously designed to only be used on Linux. I had to edit the install script to get it to work on FreeBSD (as well as put everything in the right places - /usr/local/etc/sancp rather than /etc/sancp etc. sh install on FBSD doesn't have a -D switch, etc.) Would it be beneficial to maintain a separate install script (with the sguil package) that installs sancp in the right places based on the OS and has the correct conf file? Paul Schmehl (pa...@ut...) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu |