[Bro] SMTP entities log doesn't appears

[James Lay]

On 2014-03-27 08:29, C. L. Martinez wrote:
> Hi all,
>
>  What can be the reason for smtp entities log file doesn't appears?
> All works pretty well in my Bro cluster with this exception (all my
> nodes are FreeBSD 10).
>
>  Inside worker.bro policy I have:
>
> @load protocols/smtp/software
> @load protocols/smtp/detect-suspicious-orig
> @load protocols/smtp/entities-excerpt
>
> entities-excerpt calls base/protocols/smtp/entities, correct??
>
>  Any idea??
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro

Check your checksums...add:

broargs = --no-checksums

to your broctl.conf or if you're starting bro manually add:

--no-checksums

to your command line.

James