[Zeek] No emails are received

Carlos Lopez clopmz at outlook.com
Sat Feb 29 03:21:51 PST 2020


Thanks for your answer Justin. All my zeek hosts are installed with postfix (they are under RHEL 8.1). I am searching about an equivalent command with postfix but I can't find any….

--
Regards,
C. L. Martinez

From: Justin Azoff <justin at corelight.com>
Date: Friday, 28 February 2020 at 17:54
To: Carlos Lopez <clopmz at outlook.com>
Cc: "zeek at zeek.org" <zeek at zeek.org>
Subject: Re: [Zeek] No emails are received

On Thu, Feb 27, 2020 at 3:57 AM Carlos Lopez <clopmz at outlook.com<mailto:clopmz at outlook.com>> wrote:
Hi all,

 After re-installing my Zeek hosts to version 3.0.2 in my home lab, I haven't received any mail from cron task or any process/alert related to Zeek. But I see some emails queued in /var/zeek/spool/tmp directory like this:

-rw-r--r--. 1 zeek idps 296 Feb 27 07:30 mail.1493.tmp

 With the following content:

From: admin.zeek at domain.org<mailto:admin.zeek at domain.org>
Subject: [Zeek] cron: expire-logs failed
To: myadmin at otherdomain.org<mailto:myadmin at otherdomain.org>
User-Agent: ZeekControl 2.0.0

expire-logs failed
expire-logs: directory not found: /var/zeek/logs/stats

creating directory for stats file: /var/zeek/logs/stats

--
[Automatically generated.]

what output if any do you get if you run

    sendmail -t -oi /var/zeek/spool/tmp/mail.1493.tmp

or whatever filename exists there.
the "To:" line in there is what it looks for, so that should be working..

--
Justin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20200229/12554dbd/attachment-0001.html 


More information about the Zeek mailing list