mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00

Highlights:
- Reduced all DHCP events into a single dhcp_message event. (removed legacy events since they weren't widely used anyway)
- Support many more DHCP options.
- DHCP log is completely reworked and now represents DHCP sessions based on the transaction ID (and works on clusters).
- Removed the known-devices-and-hostnames script since it's generally less relevant now with the updated log.
10 lines
639 B
Text
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path dhcp
#open 2018-03-01-15-30-58
#fields ts uids client_addr server_addr mac host_name client_fqdn domain requested_addr assigned_addr lease_time client_message server_message msg_types duration circuit_id agent_remote_id subscriber_id
#types time set[string] addr addr string string string string addr addr interval string string vector[string] interval string string string
1102274184.387798 CHhAvVGS1DHFjwGM9 192.168.0.10 10.10.0.1 00:0a:28:00:fa:42 - - - - 192.168.0.10 3600.000000 - - ACK 0.000000 this is only a test... \x13 -subID-
#close 2018-03-01-15-30-58