I'd like to share my first actual success on mysql tuning, after having spent a couple of days reading everything I could about the matter (and still waiting for the books to arrive).
From what I've seen a very important point on DB optimization is the right table design, followed by the right queries and finally optimizing DB parameters. Since I don't know enough yet about optimal DB design I'll skip that phase (tho I'll definetively accomplish it during the next weeks/months) and examining some queries.

After enabling log_slow_queries, one of the first queries popping out continuously was the following:

SELECT *, inet_ntoa(src_ip) as aux_src_ip, inet_ntoa(dst_ip) as aux_dst_ip FROM event_tmp order by id desc limit 1;

I've finally decided to learn everything I could about MySQL performance tuning; we're working on highly tuned appliances and this is a must for high-traffic environments.
I'd like to share my first findings on interesting stuff and encourage comments on the matter, which seems as deep as any science.

These last days we've discussing about this at the office and we couldn't agree about the type of database configuration using MySQL was optimal for the broadest range of users.
It's much easier to tune everything if you already know the exact environment, available hardware and so on, rather than trying to tune a database for a broad range of people going to install a product.

I thought I'd post a plugin tree I just hacked together here. It uses a javascript library and could be useful to someone.
I'm not posting the complete tree here since the page is about 1MB big.

This post will be the first of a series of tutorials describing how to accompliush certain useful things using OSSIM. A friendly IT teacher from Oklahoma suggested that it would be a good idea, and I have to agree. And on top, it's relaxing :-).

So here we go, this first installment will focus on deploying OCS Inventory on a couple of hosts, getting them to log to the central ossim server and see how it shows up in our interface. This will demonstrate the powerful cross-platform inventory capabilities built into ossim thanks to the new OCS integration.

The test environment consists of 6 devices:

• Apple 10.5 Leopard
• Debian 4.0 Linux inside Parallels
• IPhone MacosX
• OpenBSD 4.x
• Windows XP inside Parallels
• Yellow Dog Linux running on a PS3

Let's get a first meaningful update running too.

We have been working hard these last weeks to get the installer out and polish some outstanding issues. After the initial releases, our priorities are now focused on:

• Get an updater done (will be included with 1.0.4)
• Fix some remaining issues (two persons have reported hangs at specific OS installation stages)
• Allow for easy installation of specific graph plugins depending on scenario (ISO, Inventory, Nessus, etc...)

In the meantime, we preinstalled OSSEC (thanks Daniel for your help), fixed the Nagios plugin, fixed rrd_plugin which was missing a config line and added Munin to the sensor pages for performance monitorization.

For many years I've been bitching about blogs, about people writing useless crap just to caress their egos, merely filling google with worthless references to biased content. I always promised I'd never write one.

Well, I guess I've changed my mind now. It might be presumptous but I think it's a good moment to write about things around me since I sincerely believe it might interest someone (work issues to a broader audience, personal stuff to family and friends since work doesn't leave me the time I'd like to spend with them).

So this is it, my first try of a personal log. English is not my first language so there might be misspelling and grammar errors herein. My apologies in advance for that.

Happy reading ;-)

Dominique