Ok im sure for someone this is easy but for some reason (maybe because i am new to Mysql)I cant figure it out. I currently have 10 boxes running FC4 (runlevel 3 no GUI) as IDS boxes using Snort. Snort logs all events to a mysql database. I have all of them up, configured, and running. Every box is logging just like i want it. Heres where i need help. 1 or 2 times a day i want something (program, cron job, whatever) to go out grab the logs (not that it matters but all boxes are in different locations on different subnets) and copy them to a central server, removing the log from the source box once copied. after it copies all the logs, i want it to create a central database of all logs that i can query based on whatever criteria i specify. i want it to do this everyday and compile everyday but not to overwrite any information. At the end of the month i want it to archive the compiled databases and then clear it out starting a new one. I have to keep current logs for 30 days and archived logs for 1 year, but i want to be able to query the database at any time. even if that means pulling in an archived database. Is this possible? if so ALL help getting me there is greatly appreciated.