Issue defining "Site::local_admins" variable

Good morning,

I’m working on email separation between users and admins on my local Bro instance and I’m not understanding the syntax for either the “Site::get_emails” or the “Site::local_admins” variables for ACTION_EMAIL_ADMIN. Since I avoid functions, I attempted to redefine the following in my local.bro:

redef Site::local_admins += {
table([] = “,”);


Bro doesn’t like this and I’m unable to find previous examples for guidance. Could someone point me in the right direction?


It's a table of a set of strings:

scripts/base/utils/site.bro: const local_admins: table[subnet] of set[string] = {} &redef;

$ git grep redef.*local_admins
testing/btest/scripts/base/utils/site.test:redef Site::local_admins += {
$ cat testing/btest/scripts/base/utils/site.test
# @TEST-EXEC: bro %INPUT > output
# @TEST-EXEC: btest-diff output

# This is loaded by default.
#@load base/utils/site

global a = { "", "" };
global b = { "" };

redef Site::local_admins += {
    [] = a,
    [] = b,

event bro_init()
    print Site::get_emails(;
    print Site::get_emails(;

Thanks Justin. That worked. :slight_smile:

Out of curiosity, what does the “print Site::get_emails()” statement do?

## Function that returns a comma-separated list of email addresses
    ## that are considered administrators for the IP address provided as
    ## an argument.
    ## The function inspects :bro:id:`Site::local_admins`.
    global get_emails: function(a: addr): string;

I see. Thanks again.

For context on this functionality, it was written for Universities with distributed administrators for all of the networks. It was written so I could load the database of network admins into Bro and have it email the responsible party automatically.