[Bro-Dev] [JIRA] (BIT-1548) SendMail parameter is missing from broctl.cfg file in Debian binary installation
Jamshid Karimi (JIRA)
jira at bro-tracker.atlassian.net
Fri Mar 4 20:25:00 PST 2016
Jamshid Karimi created BIT-1548:
-----------------------------------
Summary: SendMail parameter is missing from broctl.cfg file in Debian binary installation
Key: BIT-1548
URL: https://bro-tracker.atlassian.net/browse/BIT-1548
Project: Bro Issue Tracker
Issue Type: Improvement
Components: Bro
Affects Versions: 2.4
Environment: Date tested: 2016-03-05
Operating system: Debian 8.2
Repository: Open Build System
Packages:
bro 2.4.1-0
bro-core 2.4.1-0
broctl 2.4.1-0
libbroccoli 2.4.1-0
Reporter: Jamshid Karimi
The Debian binary packages from Open Build Service have sendmail binary location set to SENDMAIL-NOTFOUND by default but provide no SendMail parameter in broctl.cfg to set the correct location. This means, out of the box, Bro does not send any summary connection reports to the configured email recipient.
For a recent binary installation, I had to manually add the following line to broctl.cfg file to resolve the issue:
SendMail = /usr/sbin/sendmail
Here is the output of broctl config right after installation:
Hint: Run the broctl "deploy" command to get started.
bindir = /opt/bro/bin
broargs =
brobase = /opt/bro
broctlconfigdir = /opt/bro/spool
broport = 47760
broscriptdir = /opt/bro/share/bro
capstatspath = /opt/bro/bin/capstats
cfgdir = /opt/bro/etc
cflowaddress =
cflowpassword =
cflowuser =
commandtimeout = 60
commtimeout = 10
compresscmd = gzip -9
compressextension = gz
compresslogs = 1
cron = 0
croncmd =
debug = 0
debuglog = /opt/bro/spool/debug.log
env_vars =
havenfs = 0
helperdir = /opt/bro/share/broctl/scripts/helpers
ipv6comm = 1
keeplogs =
libdir = /opt/bro/lib
libdirinternal = /opt/bro/lib/broctl
localnetscfg = /opt/bro/etc/networks.cfg
lockfile = /opt/bro/spool/lock
logdir = /opt/bro/logs
logexpireinterval = 0
logrotationinterval = 3600
mailalarmsinterval = 86400
mailalarmsto = root at localhost
mailconnectionsummary = 1
mailfrom = Big Brother <bro at REMOVED_IP_ADDRESS>
mailhostupdown = 1
mailreplyto =
mailsubjectprefix = [Bro]
mailto = root at localhost
makearchivename = /opt/bro/share/broctl/scripts/make-archive-name
memlimit = unlimited
mindiskspace = 5
nodecfg = /opt/bro/etc/node.cfg
os = linux
pfringclusterid = 0
pfringclustertype = 4-tuple
pfringfirstappinstance = 0
pin_command = taskset -c
plugindir = /opt/bro/lib/broctl/plugins
policydir = /opt/bro/share/bro
policydirsiteinstall = /opt/bro/spool/installed-scripts-do-not-touch/site
policydirsiteinstallauto = /opt/bro/spool/installed-scripts-do-not-touch/auto
postprocdir = /opt/bro/share/broctl/scripts/postprocessors
prefixes = local
savetraces = 0
scriptsdir = /opt/bro/share/broctl/scripts
sendmail = SENDMAIL-NOTFOUND
sigint = 0
sitepluginpath =
sitepolicymanager = local-manager.bro
sitepolicypath = /opt/bro/share/bro/site
sitepolicystandalone = local.bro
sitepolicyworker = local-worker.bro
spooldir = /opt/bro/spool
standalone = 1
statefile = /opt/bro/spool/state.db
staticdir = /opt/bro/share/broctl
statsdir = /opt/bro/logs/stats
statslog = /opt/bro/spool/stats.log
statslogenable = 1
statslogexpireinterval = 0
statuscmdshowall = 1
stoptimeout = 60
test.enabled = 0
test.foo = 1
time =
timefmt = %d %b %H:%M:%S
timemachinehost =
timemachineport = 47757/tcp
tmpdir = /opt/bro/spool/tmp
tmpexecdir = /opt/bro/spool/tmp
tracesummary = /opt/bro/bin/trace-summary
version = 1.4
zoneid =
--
This message was sent by Atlassian JIRA
(v7.2.0-OD-03-010#72000)
More information about the bro-dev
mailing list