[netsa-tools-discuss] Record retention in SiLK
Kapucu, Ali
akapucu at kent.edu
Tue Sep 1 14:34:25 EDT 2015
You can use flow-tools
http://sourceforge.net/projects/flowviewer/
—
Ali
From: <netsa-tools-discuss-bounces+akapucu=kent.edu at cert.org<mailto:netsa-tools-discuss-bounces+akapucu=kent.edu at cert.org>> on behalf of mworld
Date: Tuesday, September 1, 2015 at 11:49 AM
To: "netsa-tools-discuss at cert.org<mailto:netsa-tools-discuss at cert.org>"
Subject: Re: [netsa-tools-discuss] Record retention in SiLK
On 1/09/2015 9:18 PM, Hosam Hittini wrote:
Hi,
I wanted to check if SiLK can delete the oldest records from its repository when the disk space reaches 90% for example
Or if there’s a way to retain records only for the last two weeks for example
We have SiLK v3.8.0 installed
Thanks in advance
Regards,
Hosam Hittini
System Security Maintenance & Support
Etisalat
Hi Hosam. As far as I know there is no built in options for this (like good old flow tools). One way would be to use the find command (on *nix) to search for files older then n days.
Example (USE AT YOUR OWN RISK):
# Remove files older than 60 days.
find /mnt/storage/silk/ -type f -mtime +60 -exec rm {} \;
Regards,
Otto.
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the netsa-tools-discuss
mailing list