Bug #1465

closed

Suricata 2.1 lua output can't work in osx

Added by wilson green almost 9 years ago. Updated almost 8 years ago.

Status: Closed
Priority: Normal
Assignee: -
Target version: -
Affected Versions:
Effort:
Difficulty:
Label:

Description

Lua output can't work on OS X, but works well on CentOS 6.5.

[yp@wonagequ suricata]$ sudo suricata -c /usr/local/etc/suricata/suricata.yaml -i en2 -vv
Password:
11/5/2015 -- 11:01:54 - <Notice> - This is Suricata version 2.1beta4 RELEASE
11/5/2015 -- 11:01:54 - <Info> - CPUs/cores online: 4
11/5/2015 -- 11:01:54 - <Info> - 'default' server has 'request-body-minimal-inspect-size' set to 33882 and 'request-body-inspect-window' set to 4053 after randomization.
11/5/2015 -- 11:01:54 - <Info> - 'default' server has 'response-body-minimal-inspect-size' set to 33695 and 'response-body-inspect-window' set to 4218 after randomization.
11/5/2015 -- 11:01:54 - <Info> - DNS request flood protection level: 500
11/5/2015 -- 11:01:54 - <Info> - DNS per flow memcap (state-memcap): 524288
11/5/2015 -- 11:01:54 - <Info> - DNS global memcap: 16777216
11/5/2015 -- 11:01:54 - <Info> - Modbus request flood protection level: 500
11/5/2015 -- 11:01:54 - <Info> - Found an MTU of 1500 for 'en2'
11/5/2015 -- 11:01:54 - <Info> - allocated 5242880 bytes of memory for the defrag hash... 65536 buckets of size 80
11/5/2015 -- 11:01:54 - <Info> - preallocated 65535 defrag trackers of size 192
11/5/2015 -- 11:01:54 - <Info> - defrag memory usage: 17825600 bytes, maximum: 33554432
11/5/2015 -- 11:01:54 - <Info> - AutoFP mode using default "Active Packets" flow load balancer
11/5/2015 -- 11:01:54 - <Info> - allocated 524288 bytes of memory for the host hash... 4096 buckets of size 128
11/5/2015 -- 11:01:54 - <Info> - preallocated 1000 hosts of size 136
11/5/2015 -- 11:01:54 - <Info> - host memory usage: 684288 bytes, maximum: 16777216
11/5/2015 -- 11:01:54 - <Info> - allocated 8388608 bytes of memory for the flow hash... 65536 buckets of size 128
11/5/2015 -- 11:01:54 - <Info> - preallocated 10000 flows of size 304
11/5/2015 -- 11:01:54 - <Info> - flow memory usage: 11508608 bytes, maximum: 67108864
11/5/2015 -- 11:01:54 - <Info> - stream "prealloc-sessions": 2048 (per thread)
11/5/2015 -- 11:01:54 - <Info> - stream "memcap": 33554432
11/5/2015 -- 11:01:54 - <Info> - stream "midstream" session pickups: disabled
11/5/2015 -- 11:01:54 - <Info> - stream "async-oneside": disabled
11/5/2015 -- 11:01:54 - <Info> - stream "checksum-validation": disabled
11/5/2015 -- 11:01:54 - <Info> - stream."inline": disabled
11/5/2015 -- 11:01:54 - <Info> - stream "max-synack-queued": 5
11/5/2015 -- 11:01:54 - <Info> - stream.reassembly "memcap": 134217728
11/5/2015 -- 11:01:54 - <Info> - stream.reassembly "depth": 1048576
11/5/2015 -- 11:01:54 - <Info> - stream.reassembly "toserver-chunk-size": 2586
11/5/2015 -- 11:01:54 - <Info> - stream.reassembly "toclient-chunk-size": 2540
11/5/2015 -- 11:01:54 - <Info> - stream.reassembly.raw: enabled
11/5/2015 -- 11:01:54 - <Info> - segment pool: pktsize 4, prealloc 256
11/5/2015 -- 11:01:54 - <Info> - segment pool: pktsize 16, prealloc 512
11/5/2015 -- 11:01:54 - <Info> - segment pool: pktsize 112, prealloc 512
11/5/2015 -- 11:01:54 - <Info> - segment pool: pktsize 248, prealloc 512
11/5/2015 -- 11:01:54 - <Info> - segment pool: pktsize 512, prealloc 512
11/5/2015 -- 11:01:54 - <Info> - segment pool: pktsize 768, prealloc 1024
11/5/2015 -- 11:01:54 - <Info> - segment pool: pktsize 1448, prealloc 1024
11/5/2015 -- 11:01:54 - <Info> - segment pool: pktsize 65535, prealloc 128
11/5/2015 -- 11:01:54 - <Info> - stream.reassembly "chunk-prealloc": 250
11/5/2015 -- 11:01:54 - <Info> - stream.reassembly "zero-copy-size": 128
11/5/2015 -- 11:01:54 - <Info> - allocated 524288 bytes of memory for the ippair hash... 4096 buckets of size 128
11/5/2015 -- 11:01:54 - <Info> - preallocated 1000 ippairs of size 152
11/5/2015 -- 11:01:54 - <Info> - ippair memory usage: 684288 bytes, maximum: 16777216
11/5/2015 -- 11:01:54 - <Info> - using magic-file /usr/local/opt/libmagic/share/misc/magic.mgc
11/5/2015 -- 11:01:54 - <Info> - Delayed detect disabled
11/5/2015 -- 11:01:54 - <Info> - IP reputation disabled
11/5/2015 -- 11:02:00 - <Info> - 48 rule files processed. 16477 rules successfully loaded, 0 rules failed
11/5/2015 -- 11:02:00 - <Info> - 16485 signatures processed. 910 are IP-only rules, 5076 are inspecting packet payload, 12360 inspect application layer, 94 are decoder event only
11/5/2015 -- 11:02:00 - <Info> - building signature grouping structure, stage 1: preprocessing rules... complete
11/5/2015 -- 11:02:00 - <Info> - building signature grouping structure, stage 2: building source address list... complete
11/5/2015 -- 11:02:02 - <Info> - building signature grouping structure, stage 3: building destination address lists... complete
11/5/2015 -- 11:02:03 - <Info> - Threshold config parsed: 0 rule(s) found
11/5/2015 -- 11:02:03 - <Info> - Core dump size set to unlimited.
11/5/2015 -- 11:02:03 - <Info> - fast output device (regular) initialized: fast.log
11/5/2015 -- 11:02:03 - <Info> - eve-log output device (regular) initialized: eve.json
11/5/2015 -- 11:02:03 - <Info> - enabling 'eve-log' module 'alert'
11/5/2015 -- 11:02:03 - <Info> - enabling 'eve-log' module 'http'
11/5/2015 -- 11:02:03 - <Info> - enabling 'eve-log' module 'dns'
11/5/2015 -- 11:02:03 - <Info> - enabling 'eve-log' module 'tls'
11/5/2015 -- 11:02:03 - <Info> - enabling 'eve-log' module 'files'
11/5/2015 -- 11:02:03 - <Info> - enabling 'eve-log' module 'smtp'
11/5/2015 -- 11:02:03 - <Info> - enabling 'eve-log' module 'ssh'
11/5/2015 -- 11:02:03 - <Info> - enabling 'eve-log' module 'flow'
11/5/2015 -- 11:02:03 - <Info> - enabling 'eve-log' module 'netflow'
11/5/2015 -- 11:02:03 - <Info> - http-log output device (regular) initialized: http.log
11/5/2015 -- 11:02:03 - <Info> - Using log dir /usr/local/var/log/suricata/
11/5/2015 -- 11:02:03 - <Info> - using normal logging
11/5/2015 -- 11:02:03 - <Info> - stats output device (regular) initialized: stats.log
11/5/2015 -- 11:02:03 - <Info> - enabling script flowtest.lua
[yp@wonagequ suricata]$

Actions #1

Updated by Victor Julien almost 9 years ago

Is there a core file that you can inspect? Or can you try running Suricata in a debugger like gdb to see where it fails?

Actions #2

Updated by Victor Julien almost 8 years ago

  • Status changed from New to Closed