No alerts after clearing cache

Jose Ortiz
  • Jose Ortiz

    Jose Ortiz - 2009-02-04

    I am running snort/barnyard/mysql. I can see my alerts going up when i query for select count(*) from event; but nothing showing on BASE after I clear the cache??

    If I reboot the machine, everything works until I clear the cache again. Then everything keeps working (snort,barnyard), but no alerts show on BASE.

    • Jose Ortiz

      Jose Ortiz - 2009-02-04

      I figured out. When you "Clear Data Tables", you also clear all data from the sensor table. BASE will not show you data because of this.

      I commented line 670 from includes/ to look like this:

      # $db->baseExecute("DELETE FROM sensor");

      YMMV. I only have one sensor. I have not tried this with multiple sensors reporting to one database.

    • Jose Ortiz

      Jose Ortiz - 2009-02-05

      I guess that reading works wonders. I found a patch for barnyard inside the BASE contrib directory. After a simple recompile of barnyard, I can uncomment the "DELETE FROM sensor" query and everything works fine now.


Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks