[Bro] SSH brute-force email notice

Azoff, Justin S jazoff at illinois.edu
Tue Feb 28 08:24:37 PST 2017


> On Feb 28, 2017, at 11:17 AM, Loris Leiva <loris.leiva at gmail.com> wrote:
> 
> Thank you for your answer.
> 
> I have checked the logs during my scenario and when the email doesn’t send, nothing gets logged at all (not even in the bro stderr log). However, when I raise a dummy notice in a bro_init() event, then I receive the email and the email gets logged properly.

Nothing gets logged at all? Not even to notice.log?

> 
> Note that I am using macOS Sierra so I access my logs through the following command `log stream --predicate  '(process == "smtpd") || (process == "smtp")' -info`.
> 
> Any idea of what could be the problem?
> 
> Thanks again,
> Loris

-- 
- Justin Azoff



