[Zeek] No emails are received
Justin Azoff
justin at corelight.com
Fri Feb 28 08:53:52 PST 2020
On Thu, Feb 27, 2020 at 3:57 AM Carlos Lopez <clopmz at outlook.com> wrote:
> Hi all,
>
> After re-installing my Zeek hosts to version 3.0.2 in my home lab, I
> haven't received any mail from cron task or any process/alert related to
> Zeek. But I see some emails queued in /var/zeek/spool/tmp directory like
> this:
>
> -rw-r--r--. 1 zeek idps 296 Feb 27 07:30 mail.1493.tmp
>
> With the following content:
>
> From: admin.zeek at domain.org
> Subject: [Zeek] cron: expire-logs failed
> To: myadmin at otherdomain.org
> User-Agent: ZeekControl 2.0.0
>
> expire-logs failed
> expire-logs: directory not found: /var/zeek/logs/stats
>
> creating directory for stats file: /var/zeek/logs/stats
>
> --
> [Automatically generated.]
>
what output if any do you get if you run
sendmail -t -oi /var/zeek/spool/tmp/mail.1493.tmp
or whatever filename exists there.
the "To:" line in there is what it looks for, so that should be working..
--
Justin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20200228/4e42193a/attachment.html
More information about the Zeek
mailing list