I am running MySql 3.23.58-1 on a snort database containing IDS alerts.
At 12:00am I would like move the previous day's alerts from four tables to
a backup database named for the previous day.
Has anyone implemented such a backup schedule? And if so can someone
send me a script?
I had the following ideas on the subject:
1.a. mysql shutdown.
b. cp -r database /..../2004-07-29
c. mysqlstart
/* I need a single user mode for the delete to work */
d. echo "Delete iphdr; Delete tcphdr;Delete acid_event; Delete event" | mysql -p
xxx -u yyyy
e. go to multiuser mode.
2. a. Assuming logging turned on
mysqlhotcopy snortdb
( echo "Delete iphdr; Delete tcphdr;Delete acid_event; Delete event" ;
mysqlbinlog snort.log ) | mysql -p xxx -u yyy
3. a. $ mysql -p xxx -u yyy
1. if a week then purge tables:
$mysql> Delete iphdr;
....( repeat for the rest of the tables.)
2. mysql -p xxx -u yyy
mysql > Select iphdr.*
from iphdr, event_id
into outfile /.../backup/2004-07-29/iphdr.txt
where timestamp.event_id < 2004-07-29;
mysql> Delete iphdr;
....( repeat for the rest of the tables.)
mysql > use backsnort_db
Select iphdr.*
from iphdr, event_id
Load infile /.../backup/2004-07-29/iphdr.txt
....( repeat for the rest of the tables.)
mysql > exit
b. tar cvf backsnort_db
That is my best shot if anyone has a more elegant solution I would appreciate
hearing about it.
Thank you,
Raymond
