[Bro] dhcp log

ps sunu pssunu6 at gmail.com
Mon Apr 10 09:13:10 PDT 2017


No change; I get the same output.

On Mon, Apr 10, 2017 at 9:24 PM, fatema bannatwala <
fatema.bannatwala at gmail.com> wrote:

> Could you try the following in place of the original dhcp_ack event:
>
> event dhcp_ack(c: connection, msg: dhcp_msg, mask: addr, router: dhcp_router_list, lease: interval, serv_addr: addr, host_name: string)
> {
> local info: DHCP::Info;
> if ( c$dhcp$id$orig_h in TrackCONN::host_name_user1 )
>   { info$orig_hostname = TrackCONN::host_name_user1[c$dhcp$id$orig_h];
>    print host_name_user1[c$id$orig_h];
>   }
> }
>
>
> On Mon, Apr 10, 2017 at 11:21 AM, ps sunu <pssunu6 at gmail.com> wrote:
>
>> Hi,
>>        I created a Bro script which records the "client" field and writes it to
>> dhcp.log. The recording part is working, but the value is not being written into
>> the dhcp file: the orig_hostname column is created but it is blank. Can anyone help me?
>>
>> My script is below:
>>
>> module TrackCONN;
>>
>>
>> export {
>>    global host_name_user1: table[addr] of string &synchronized &write_expire=7day;
>>
>>
>>   redef record DHCP::Info += {
>>
>>     orig_hostname: string &log &optional; #  take from dhcp hostname and kerberos host
>>
>>
>>   };
>> }
>>
>>
>> event KRB::log_krb (rec: KRB::Info)
>> {
>>  if(rec?$client) {
>>   host_name_user1[rec$id$orig_h] = rec$client;
>>   #print host_name_user1[rec$id$orig_h];
>>   }
>>
>>
>>
>> }
>>
>>
>> Regards,
>>
>> Sunu
>>
>>
>> event dhcp_ack(c: connection, msg: dhcp_msg, mask: addr, router: dhcp_router_list, lease: interval, serv_addr: addr, host_name: string)
>> {
>>
>> if ( c$dhcp$id$orig_h in TrackCONN::host_name_user1 )
>>     c$dhcp$orig_hostname = TrackCONN::host_name_user1[c$dhcp$id$orig_h];
>>     print host_name_user1[c$id$orig_h];
>> }
>>
>>
>>
>>
>