User Tools

Site Tools


pom-ng:events

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
pom-ng:events [2013/01/03 23:33]
2001:7e8:2221:300:224:8cff:fe0b:7d8e Add event tftp_file
pom-ng:events [2017/10/06 19:34] (current)
gmsoft Add the imap events
Line 7: Line 7:
 Here is a list of all the events : Here is a list of all the events :
 ^ Name ^ Source ^ Payload associated ^ Description ^ ^ Name ^ Source ^ Payload associated ^ Description ^
-|[[pom-ng:​analyzer:​arp#​arp_new_sta|arp_new_sta]]|[[pom-ng:​analyzer:​arp|analyzer arp]]|no|New station found.| +|[[pom-ng:​analyzer:​arp#​arp_new_sta]]|[[pom-ng:​analyzer:​arp|analyzer arp]]|no|New station found.| 
-|[[pom-ng:​analyzer:​arp#​arp_sta_changed|arp_sta_changed]]|[[pom-ng:​analyzer:​arp|analyzer arp]]|no|Station MAC address changed.| +|[[pom-ng:​analyzer:​arp#​arp_sta_changed]]|[[pom-ng:​analyzer:​arp|analyzer arp]]|no|Station MAC address changed.| 
-|[[pom-ng:​analyzer:​dns#​dns_record|dns_record]]|[[pom-ng:​analyzer:​dns|analyzer dns]]|no|New DNS record found.| +|[[pom-ng:​analyzer:​dns#​dns_record]]|[[pom-ng:​analyzer:​dns|analyzer dns]]|no|New DNS record found.| 
-|[[pom-ng:​analyzer:​docsis#​docsis_cm_new|docsis_cm_new]]|[[pom-ng:​analyzer:​docsis|analyzer docsis]]|no|A new cable modem has been found.| +|[[pom-ng:​analyzer:​docsis#​docsis_cm_new]]|[[pom-ng:​analyzer:​docsis|analyzer docsis]]|no|A new cable modem has been found.| 
-|[[pom-ng:​analyzer:​docsis#​docsis_cm_reg_status|docsis_cm_reg_status]]|[[pom-ng:​analyzer:​docsis|analyzer docsis]]|no|The registration status of a cable modem changed.| +|[[pom-ng:​analyzer:​docsis#​docsis_cm_reg_status]]|[[pom-ng:​analyzer:​docsis|analyzer docsis]]|no|The registration status of a cable modem changed.| 
-|[[pom-ng:​proto:​http#​http_query|http_query]]|[[pom-ng:​proto:​http|protocol http]]|no|Contains all the information about an HTTP query made by a client to a server.| +|[[pom-ng:​input:​docsis_scan#​docsis_scan_stream]]|[[pom-ng:​input:​docsis_scan|input docsis_scan]]|no|Provide information about discovered DOCSIS streams.| 
-|[[pom-ng:​analyzer:​http#​http_request|http_request]]|[[pom-ng:​analyzer:​http|analyzer http]]|yes|Compound event containing informations from both [[pom-ng:​proto:​http#​http_query|http_query]] and [[pom-ng:​proto:​http#​http_response|http_response]] event.| +|[[pom-ng:​input:​dvb_c#​dvb_status]]|[[pom-ng:​input:​dvb_atsc|input dvb_atsc]], [[pom-ng:​input:​dvb_c|input dvb_c]], [[pom-ng:​input:​dvb_s|input dvb_s]], [[pom-ng:​input:​docsis|input docsis]]|no|Locking status of a DVB interface.| 
-|[[pom-ng:​proto:​http#​http_response|http_response]]|[[pom-ng:​proto:​http|protocol http]]|no|Contains all the information about an HTTP response sent to a client by a server.| +|[[pom-ng:​proto:​http#​http_query]]|[[pom-ng:​proto:​http|protocol http]]|no|Contains all the information about an HTTP query made by a client to a server.| 
-|[[pom-ng:​analyzer:​tftp#tftp_file|tftp_file]]|[[pom-ng:​analyzer:​tftp|analyzer tftp]]|yes|Contains all the information about files transfered through TFTP.|+|[[pom-ng:​analyzer:​http#​http_request]]|[[pom-ng:​analyzer:​http|analyzer http]]|yes|Compound event containing informations from both [[pom-ng:​proto:​http#​http_query]] and [[pom-ng:​proto:​http#​http_response|http_response]] event.| 
 +|[[pom-ng:​proto:​http#​http_response]]|[[pom-ng:​proto:​http|protocol http]]|no|Contains all the information about an HTTP response sent to a client by a server.| 
 +|[[pom-ng:​analyzer:​imap#imap_auth]]|[[pom-ng:​analyzer:​imap|analyzer imap]]|no|Contains authentication attempts.| 
 +|[[pom-ng:​proto:​imap#​imap_cmd]]|[[pom-ng:​proto:​imap|protocol imap]]|no|Details the IMAP commands made by a client to a server.| 
 +|[[pom-ng:​analyzer:​imap#​imap_id]]|[[pom-ng:​analyzer:​imap|analyzer imap]]|no|Contains information about client and server ID commands.| 
 +|[[pom-ng:​analyzer:​imap#​imap_msg]]|[[pom-ng:​analyzer:​imap|analyzer imap]]|yes|Generated when a message or part of a message is found.| 
 +|[[pom-ng:​proto:​imap#​imap_pload]]|[[pom-ng:​proto:​imap|protocol imap]]|yes|Issued when a partial command will contain a payload (prefix-quoted strings).| 
 +|[[pom-ng:​proto:​imap#​imap_rsp]]|[[pom-ng:​proto:​imap|protocol imap]]|no|Details the IMAP response from a server to a client.| 
 +|[[pom-ng:​output:​pcap_flow#​pcap_flow_file]]|[[pom-ng:​output:​pcap_flow|output pcap_flow]]|no|Event containing informations about files created by the output pcap_flow.| 
 +|[[pom-ng:​proto:​ppp_chap#​ppp_chap_challenge_response]]|[[pom-ng:​proto:​ppp_chap|proto ppp_chap]]|no|Contains the content of PPP CHAP challenge or response packets.| 
 +|[[pom-ng:​analyzer:​ppp_chap#​ppp_chap_md5_auth]]|[[pom-ng:​analyzer:​ppp_chap|analyzer ppp_chap]]|no|Contains the crypto material of PPP-MD5 authentication.| 
 +|[[pom-ng:​analyzer:​ppp_chap#​ppp_chap_mschapv2_auth]]|[[pom-ng:​analyzer:​ppp_chap|analyzer ppp_chap]]|no|Contains the crypto material of PPP MSCHAPv2 authentication.| 
 +|[[pom-ng:​proto:​ppp_chap#​ppp_chap_success_failure]]|[[pom-ng:​proto:​ppp_chap|proto ppp_chap]]|no|Contains the content of PPP CHAP success or failure packets.| 
 +|[[pom-ng:​proto:​ppp_pap#​ppp_pap_request]]|[[pom-ng:​proto:​ppp_pap|proto ppp_pap]]|no|Contains all the information contained in a PPP-PAP request packet.| 
 +|[[pom-ng:​proto:​ppp_pap#​ppp_pap_ack_nack]]|[[pom-ng:​proto:​ppp_pap|proto ppp_pap]]|no|Contains all the information contained in an PPP-PAP ACK or NACK packet.| 
 +|[[pom-ng:​analyzer:​ppp_pap#​ppp_pap_auth]]|[[pom-ng:​analyzer:​ppp_pap|analyzer ppp_pap]]|no|Details of a PPP-PAP authentication attemp.| 
 +|[[pom-ng:​analyzer:​rtp#​rtp_stream]]|[[pom-ng:​analyzer:​rtp|analyzer rtp]]|yes|Provide information about the RTP stream.| 
 +|[[pom-ng:​analyzer:​sip#​sip_call]]|[[pom-ng:​analyzer:​sip|analyzer sip]]|yes|Begins when a call starts and ends when the call hangs up.| 
 +|[[pom-ng:​analyzer:​sip#​sip_call_dial]]|[[pom-ng:​analyzer:​sip|analyzer sip]]|no|A SIP call is being dialed and not yet ringing.| 
 +|[[pom-ng:​analyzer:​sip#​sip_call_ringing]]|[[pom-ng:​analyzer:​sip|analyzer sip]]|no|A SIP call is ringing.| 
 +|[[pom-ng:​analyzer:​sip#​sip_call_connect]]|[[pom-ng:​analyzer:​sip|analyzer sip]]|no|A SIP call connected (got picked up).| 
 +|[[pom-ng:​analyzer:​sip#​sip_call_hangup]]|[[pom-ng:​analyzer:​sip|analyzer sip]]|no|A SIP call was hanged up.| 
 +|[[pom-ng:​analyzer:​sip#​sip_call_dtmf]]|[[pom-ng:​analyzer:​sip|analyzer sip]]|no|Occurs on DTMF signal (from SIP INFO method).| 
 +|[[pom-ng:​analyzer:​smtp#​smtp_auth]]|[[pom-ng:​analyzer:​smtp|analyzer smtp]]|no|Contains credentials for SMTP authentication.| 
 +|[[pom-ng:​proto:​smtp#​smtp_cmd]]|[[pom-ng:​proto:​smtp|protocol smtp]]|no|Contains SMTP commands sent by clients.| 
 +|[[pom-ng:​analyzer:​smtp#​smtp_msg]]|[[pom-ng:​analyzer:​smtp|analyzer smtp]]|yes|Generated for each SMTP message.| 
 +|[[pom-ng:​proto:​smtp#​smtp_reply]]|[[pom-ng:​proto:​smtp|protocol smtp]]|no|Contains SMTP replies from the server.| 
 +|[[pom-ng:​analyzer:​tftp#​tftp_file]]|[[pom-ng:​analyzer:​tftp|analyzer tftp]]|yes|Contains all the information about files transfered through TFTP.|
pom-ng/events.1357256024.txt.gz · Last modified: 2013/01/03 23:33 by 2001:7e8:2221:300:224:8cff:fe0b:7d8e