I can do comparisons with tab delimited files from command line such as : bro -i eth1 malware_test_ips.bro
But whenever I install the same script to the site area, the comparisons are not made!! In fact it seems it is not reading the very same tab delimited file. Below is the read function. Why would this work on command line not on broctl deploy, despite showing no errors or warnings? Is there a file read setting im missing?
Input::add_table([$source=sinkhole_list_location, $name="sinkhole", $idx=Idx, $val=Val, $destination=sinkhole_list2, $mode=Input::REREAD]);
I have just solved this. I had to use the @DIR to refer to the sinkhole_list_location for the file. Either this or the full file pathway. It works from command line because the file is local to the command, local pathway.