This repository has been archived by the owner on Apr 16, 2021. It is now read-only.

sguil-db-purge needs to purge history table as well #406

Closed
GoogleCodeExporter opened this issue Mar 24, 2015 · 4 comments

Comments

@GoogleCodeExporter

sguil-db-purge needs to purge history table as well

Original issue reported on code.google.com by doug.bu...@gmail.com on 31 Oct 2013 at 2:45

@GoogleCodeExporter
Author

https://groups.google.com/d/topic/security-onion/qcDgy0Meh5M/discussion

As a band-aid, I added the following code to the beginning of the cleanup() function in the sguil-db-purge script:

        /usr/bin/mysql -u$DB_USER $PASSWORD_OPTION -BN -e "DELETE FROM history WHERE timestamp < DATE_SUB(NOW(), INTERVAL 90 DAY);" -D $DATABASE

This should keep a rolling 90-day history and speed up any upgrades/maintenance.

Original comment by doug.bu...@gmail.com on 31 Oct 2013 at 2:45


@GoogleCodeExporter
Author

Added the following:

        /usr/bin/mysql -u$DB_USER $PASSWORD_OPTION -BN -e "DELETE FROM history WHERE timestamp < DATE_SUB(NOW(), INTERVAL $DAYSTOKEEP DAY);" -D $DATABASE

Original comment by doug.bu...@gmail.com on 9 Jun 2014 at 1:20
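
An added example, not part of the original issue or the sguil-db-purge script: because `$DAYSTOKEEP` is interpolated directly into the SQL text, an empty value turns the statement into a syntax error and `0` would match every row in `history`. The helper names `build_history_purge_sql` and `purge_history` are hypothetical; the variables are the ones used in the command above.

```sh
#!/bin/sh
# Added example: validate the retention value before it reaches the SQL text.
# build_history_purge_sql and purge_history are hypothetical helpers,
# not functions from sguil-db-purge.

# Print the DELETE statement for a retention of $1 days, or fail with
# a message on stderr if $1 is not a positive integer.
build_history_purge_sql() {
    days=$1
    case $days in
        # Empty, any non-digit character, or a leading zero (covers 0 itself).
        ''|*[!0-9]*|0*)
            echo "DAYSTOKEEP must be a positive integer, got '$days'" >&2
            return 1
            ;;
    esac
    printf 'DELETE FROM history WHERE timestamp < DATE_SUB(NOW(), INTERVAL %s DAY);\n' "$days"
}

# Run the purge only when the statement could be built; otherwise leave
# the history table untouched and report the failure to the caller.
purge_history() {
    sql=$(build_history_purge_sql "$DAYSTOKEEP") || return 1
    # $PASSWORD_OPTION is left unquoted on purpose: it may be empty or
    # expand to a single option, as in the original command.
    /usr/bin/mysql -u"$DB_USER" $PASSWORD_OPTION -BN -e "$sql" -D "$DATABASE"
}
```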


@GoogleCodeExporter
Author

Submitted for testing:
https://groups.google.com/d/topic/security-onion-testing/Wy55RCCpsvc/discussion

Original comment by doug.bu...@gmail.com on 10 Jun 2014 at 11:24


@GoogleCodeExporter
Author

Published:
http://blog.securityonion.net/2014/06/new-securityonion-sguil-db-purge.html

Original comment by doug.bu...@gmail.com on 12 Jun 2014 at 9:59

  • Changed state: Verified
