ossec clear database

To delete all currently stored alerts and related data in the OSSEC database, use either of the following.

MySQL Editor:


truncate table alert;
truncate table data;

Bash Script:

#!/usr/local/bin/bash
#
# Stop ossec, remove old alerts, start ossec

echo "stopping ossec"
/var/ossec/bin/ossec-control stop

# Truncate both tables in one mysql session so the password is asked for only once.
if echo 'TRUNCATE TABLE `alert`; TRUNCATE TABLE `data`;' | mysql ossec -p; then
    echo "alerts cleared"
else
    echo "truncate failed, alerts not cleared" >&2
fi

echo "starting ossec"
/var/ossec/bin/ossec-control start
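
TRUNCATE cannot be rolled back and removes the whole alert history from the database, so the following added example (not part of the original post) dumps both tables to a compressed file first and truncates only if that dump succeeded. It assumes the `ossec` database and the `alert` and `data` tables named above, MySQL credentials supplied by an option file such as `~/.my.cnf`, and a hypothetical function name `archive_and_clear`.

```shell
# Added example: archive the OSSEC alert tables, then truncate them.
# Assumptions: database "ossec", tables "alert" and "data" (from the post);
# credentials come from an option file such as ~/.my.cnf, so there is no prompt.

MYSQL=${MYSQL:-mysql}              # client binaries, overridable
MYSQLDUMP=${MYSQLDUMP:-mysqldump}
DB=${DB:-ossec}

# archive_and_clear DIR
# Writes DIR/ossec-alerts-<timestamp>.sql.gz and prints its path on success.
# Returns non-zero, leaving the tables untouched, if the dump fails.
archive_and_clear() {
    local dir="$1" out
    mkdir -p "$dir" || return 1
    out="$dir/ossec-alerts-$(date +%Y%m%d-%H%M%S).sql"

    # Dump first, with a restrictive umask: alert data can contain log excerpts.
    if ! ( umask 077; "$MYSQLDUMP" "$DB" alert data > "$out" ) || [ ! -s "$out" ]; then
        rm -f "$out"
        echo "dump failed, tables left untouched" >&2
        return 1
    fi
    gzip -f "$out" || return 1

    # Only now remove the rows; both statements run in one client session.
    "$MYSQL" "$DB" -e 'TRUNCATE TABLE `alert`; TRUNCATE TABLE `data`;' || return 1
    echo "$out.gz"
}
```

Call it between the `ossec-control stop` and `ossec-control start` steps, for example `archive_and_clear /var/backups/ossec` (the directory is a constructed example path).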
