Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-10 10:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Rework to the DHCP analyzer.

Browse source 
Highlights:
 - Reduced all DHCP events into a single dhcp_message event. (removed legacy events since they weren't widely used anyway)
 - Support many more DHCP options.
 - DHCP log is completely reworked and now represents DHCP sessions
   based on the transaction ID (and works on clusters).
 - Removed the known-devices-and-hostnames script since it's generally
   less relevant now with the updated log.
This commit is contained in:
Seth Hall 2018-03-01 08:36:32 -08:00
parent c2f35920fd
commit e76b56ce53
28 changed files with 1234 additions and 732 deletions
Download patch file Download diff file Expand all files Collapse all files

2
testing/btest/scripts/base/protocols/dhcp/dhcp-sub-opts.btest Normal file
View file

@ -0,0 +1,2 @@
# @TEST-EXEC: bro -r $TRACES/dhcp/dhcp_ack_subscriber_id_and_agent_remote_id.trace %INPUT protocols/dhcp/sub-opts
# @TEST-EXEC: btest-diff dhcp.log