Custom DHCP Logging
Andre Mamitzsch
andre at mamitzsch.de
Wed Mar 12 21:03:50 UTC 2008
>> Notice that any fields in the mac address that had leading zeroes are now
missing them. This makes matching difficult when looking through the logs.
Here is the logging method we are using:
log(info,
concat("DHCPEXTLOG for ",
binary-to-ascii(10,8, ".", leased-address), " leased to ",
concat (suffix (concat
("0", binary-to-ascii (16, 8, "", substring( hardware, 1, 1))),2),
":",
suffix (concat
("0", binary-to-ascii (16, 8, "",substring( hardware, 2, 1))),2),
":",
suffix (concat
("0", binary-to-ascii (16, 8, "", substring( hardware, 3, 1))),2),
":",
suffix (concat
("0", binary-to-ascii (16, 8, "", substring( hardware, 4, 1))),2),
":",
suffix (concat
("0", binary-to-ascii (16, 8, "", substring( hardware, 5, 1))),2),
":",
suffix (concat
("0", binary-to-ascii (16, 8, "", substring( hardware, 6, 1))),2),
" via bridge ",
concat (suffix (concat
("0", binary-to-ascii (16, 8, "", substring(option agent.remote-id, 0,
1))),2),
":",
suffix (concat
("0", binary-to-ascii (16, 8, "",substring(option agent.remote-id, 1,
1))),2),
":",
suffix (concat
("0", binary-to-ascii (16, 8, "", substring(option agent.remote-id, 2,
1))),2),
":",
suffix (concat
("0", binary-to-ascii (16, 8, "", substring(option agent.remote-id, 3,
1))),2),
":",
suffix (concat
("0", binary-to-ascii (16, 8, "", substring(option agent.remote-id, 4,
1))),2),
":",
suffix (concat
("0", binary-to-ascii (16, 8, "", substring(option agent.remote-id, 5,
1))),2),
" using vendor-identifier ",
option vendor-class-identifier,
"Modem Typ"
)
)));
}
Regards,
Andre
Von: Blake Hudson <blake at ispn.net>
Antworten an: <dhcp-users at isc.org>
Datum: Wed, 12 Mar 2008 15:02:20 -0500
An: <dhcp-users at isc.org>
Betreff: Custom DHCP Logging
Hello, I'm having some trouble with custom logging in DHCP. I'd like to log
option 82 info with DHCP requests, using the following commands:
if exists agent.circuit-id and option dhcp-message-type = 3
{
# Log Circuit ID
log ( info, concat( "OPTION-82 for ", binary-to-ascii (10,
8, ".",leased-address),
" from ",
substring(binary-to-ascii(16,8,":",hardware),2,24),
" Circuit ID: ", (option agent.circuit-id), "."));
# Log Agent ID
log ( info, concat( "OPTION-82 for ", binary-to-ascii (10,
8, ".",leased-address),
" from ",
substring(binary-to-ascii(16,8,":",hardware),2,24),
" Agent ID: " , (option agent.remote-id),"."));
}
This results in output similar to the following:
Mar 12 12:52:20 mamba dhcpd: DHCPDISCOVER from 00:xx:xx:xx:05:5a via
xx.xx.70.1
Mar 12 12:52:20 mamba dhcpd: DHCPOFFER on xx.xx.232.223 to 00:xx:xx:xx:05:5a
via xx.xx.70.1
Mar 12 12:52:20 mamba dhcpd: OPTION-82 for xx.xx.232.223 from
0:xx:xx:xx:5:5a Circuit ID: n25-1-vb18-482-vlan8
Mar 12 12:52:20 mamba dhcpd: OPTION-82 for xx.xx.232.223 from
0:xx:xx:xx:5:5a Agetnt ID: N60-1-4-1-4-1-1
Mar 12 12:52:20 mamba dhcpd: DHCPREQUEST for xx.xx.232.223 (xx.xx.64.17)
from 00:xx:xx:xx:05:5a via xx.xx.70.1
Mar 12 12:52:20 mamba dhcpd: DHCPACK on xx.xx.232.223 to 00:xx:xx:xx:05:5a
via xx.xx.70.1
Notice that any fields in the mac address that had leading zeroes are now
missing them. This makes matching difficult when looking through the logs.
I've also tried using the dhcp-client-identifier with no luck, is there a
way to keep this information intact? How is the default logging mechanism
keeping this information whole?
Thanks,
--Blake
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20080312/96190b92/attachment.html>
More information about the dhcp-users
mailing list