There are some web pages that provide specific hints for tuning the
snort + ACID combination, e.g:
http://www.andrew.cmu.edu/~rdanyliw/snort/acid_faq.html#faq_c9
Having said that, it is worth collecting the information Dann suggested,
as folk on this list can probably give you database tuning tips that the
standard FAQs may not contain.
regards
Mark
Jeremy Hefner wrote:
>Ok, so here is my problem. I am running snort with ACID as the query
>interface and FreeBSD with Postgresql 7.2 as the back end database
>system. The problem I am encountering is that it takes forever for acid
>to query the database and delete alerts. Also, there is no way to have
>more than one person query the database without having it crawl. Is
>there anyone out there that has experience tweaking postgres so that it
>performs faster in this setup? The database is out of the box with no
>tweaks to it.
>
>
