I've packaged this new version and it has been tested by David Zawdie (thanks!).
The new package version is:
securityonion-sguil-db-purge - 20120722-0ubuntu0securityonion10
Issues Resolved
Issue 672: sguil-db-purge: check for UNCAT_MAX
https://code.google.com/p/security-onion/issues/detail?id=672
Updating
The new package is now available in our stable repo. Please see the following page for full update instructions:
https://code.google.com/p/security-onion/wiki/Upgrade
Screenshots
The next time sguil-db-purge runs, it adds UNCAT_MAX=100000 to /etc/nsm/securityonion.conf |
If there are less than UNCAT_MAX uncategorized events, no action is necessary |
If we set UNCAT_MAX to a number smaller than our number of uncategorized events... |
...then sguil-db-purge categorizes the oldest events until we get down to UNCAT_MAX |
Feedback
If you have any questions or problems, please use our security-onion mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists
Commercial Support
Need training and/or commercial support? Please see:
http://securityonionsolutions.com
Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers
Thanks!
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.