[Bro-Dev] [JIRA] (BIT-1548) SendMail parameter is missing from broctl.cfg file in Debian binary installation
Johanna Amann (JIRA)
jira at bro-tracker.atlassian.net
Mon Mar 7 12:46:00 PST 2016
[ https://bro-tracker.atlassian.net/browse/BIT-1548?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Johanna Amann reassigned BIT-1548:
----------------------------------
Assignee: Johanna Amann
> SendMail parameter is missing from broctl.cfg file in Debian binary installation
> --------------------------------------------------------------------------------
>
> Key: BIT-1548
> URL: https://bro-tracker.atlassian.net/browse/BIT-1548
> Project: Bro Issue Tracker
> Issue Type: Improvement
> Components: Bro
> Affects Versions: 2.4
> Environment: Date tested: 2016-03-05
> Operating system: Debian 8.2
> Repository: Open Build System
> Packages:
> bro 2.4.1-0
> bro-core 2.4.1-0
> broctl 2.4.1-0
> libbroccoli 2.4.1-0
> Reporter: Jamshid Karimi
> Assignee: Johanna Amann
> Labels: file
>
> The Debian binary packages from Open Build Service have sendmail binary location set to SENDMAIL-NOTFOUND by default but provide no SendMail parameter in broctl.cfg to set the correct location. This means, out of the box, Bro does not send any summary connection reports to the configured email recipient.
> For a recent binary installation, I had to manually add the following line to broctl.cfg file to resolve the issue:
> SendMail = /usr/sbin/sendmail
> Here is the output of broctl config right after installation:
> Hint: Run the broctl "deploy" command to get started.
> bindir = /opt/bro/bin
> broargs =
> brobase = /opt/bro
> broctlconfigdir = /opt/bro/spool
> broport = 47760
> broscriptdir = /opt/bro/share/bro
> capstatspath = /opt/bro/bin/capstats
> cfgdir = /opt/bro/etc
> cflowaddress =
> cflowpassword =
> cflowuser =
> commandtimeout = 60
> commtimeout = 10
> compresscmd = gzip -9
> compressextension = gz
> compresslogs = 1
> cron = 0
> croncmd =
> debug = 0
> debuglog = /opt/bro/spool/debug.log
> env_vars =
> havenfs = 0
> helperdir = /opt/bro/share/broctl/scripts/helpers
> ipv6comm = 1
> keeplogs =
> libdir = /opt/bro/lib
> libdirinternal = /opt/bro/lib/broctl
> localnetscfg = /opt/bro/etc/networks.cfg
> lockfile = /opt/bro/spool/lock
> logdir = /opt/bro/logs
> logexpireinterval = 0
> logrotationinterval = 3600
> mailalarmsinterval = 86400
> mailalarmsto = root at localhost
> mailconnectionsummary = 1
> mailfrom = Big Brother <bro at REMOVED_IP_ADDRESS>
> mailhostupdown = 1
> mailreplyto =
> mailsubjectprefix = [Bro]
> mailto = root at localhost
> makearchivename = /opt/bro/share/broctl/scripts/make-archive-name
> memlimit = unlimited
> mindiskspace = 5
> nodecfg = /opt/bro/etc/node.cfg
> os = linux
> pfringclusterid = 0
> pfringclustertype = 4-tuple
> pfringfirstappinstance = 0
> pin_command = taskset -c
> plugindir = /opt/bro/lib/broctl/plugins
> policydir = /opt/bro/share/bro
> policydirsiteinstall = /opt/bro/spool/installed-scripts-do-not-touch/site
> policydirsiteinstallauto = /opt/bro/spool/installed-scripts-do-not-touch/auto
> postprocdir = /opt/bro/share/broctl/scripts/postprocessors
> prefixes = local
> savetraces = 0
> scriptsdir = /opt/bro/share/broctl/scripts
> sendmail = SENDMAIL-NOTFOUND
> sigint = 0
> sitepluginpath =
> sitepolicymanager = local-manager.bro
> sitepolicypath = /opt/bro/share/bro/site
> sitepolicystandalone = local.bro
> sitepolicyworker = local-worker.bro
> spooldir = /opt/bro/spool
> standalone = 1
> statefile = /opt/bro/spool/state.db
> staticdir = /opt/bro/share/broctl
> statsdir = /opt/bro/logs/stats
> statslog = /opt/bro/spool/stats.log
> statslogenable = 1
> statslogexpireinterval = 0
> statuscmdshowall = 1
> stoptimeout = 60
> test.enabled = 0
> test.foo = 1
> time =
> timefmt = %d %b %H:%M:%S
> timemachinehost =
> timemachineport = 47757/tcp
> tmpdir = /opt/bro/spool/tmp
> tmpexecdir = /opt/bro/spool/tmp
> tracesummary = /opt/bro/bin/trace-summary
> version = 1.4
> zoneid =
--
This message was sent by Atlassian JIRA
(v7.2.0-OD-03-012#72000)
More information about the bro-dev
mailing list