Tuning MySQL
MySQL is the most common database platform used to hold a Snort intrusion database. Although the exact tuning commands will differ for individual databases, the performance tuning concepts are similar for most databases. The default installation and configuration of MySQL is not the most efficient possible. There are some methods of influencing the behavior of MySQL that can result in substantial performance gains if Barnyard is not being used.
One method of increasing performance is to add indexes to some of the tables that Snort uses. Indexes are used to increase the speed at which MySQL returns data. When an index is created, MySQL can skip over lots of data to find exactly the data that is required. Without an index, it must ...
Get Intrusion Detection with Snort now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
