hostname

I think that ther should be some way to localize information about
hostnames of machines involved into the policies. It is rather difficult
to navigate through lots of policies-files.

Yes, I strongly agree. There will be features in the 0.7 release for doing
just this.

Qest: How can I know that bro works properly? As far as I remember, I
didn't install additional required libs, but it works.

Many systems come with the required library (libpcap) already installed.

After checking
policy-files, it told that it's lissening on interface ed0.Can I be sure
that it is true.

You can believe the interface it claims to be listening on, that code
is copied straight from tcpdump.

To test it, create a connection that should be observed from the interface,
terminate it, and see if Bro records it in the red.* output file.

    Vern