pom-ng:events
This is an old revision of the document!
Events
Events are the link between parsing protocols and doing something useful with the result. The events will describe what happened on a protocol level with as much details as possible.
Some events have one or more payload associated to them. For example, an HTTP request has a payload associated to it when the server returns the content of a web page. It might also have another payload associated if the client sends some information via a POST request.
Here is a list of all the events :
Name | Source | Payload associated | Description |
---|---|---|---|
arp_new_sta | analyzer arp | no | New station found. |
arp_sta_changed | analyzer arp | no | Station MAC address changed. |
dns_record | analyzer dns | no | New DNS record found. |
docsis_cm_new | analyzer docsis | no | A new cable modem has been found. |
docsis_cm_reg_status | analyzer docsis | no | The registration status of a cable modem changed. |
http_query | protocol http | no | Contains all the information about an HTTP query made by a client to a server. |
http_request | analyzer http | yes | Compound event containing informations from both http_query and http_response event. |
http_response | protocol http | no | Contains all the information about an HTTP response sent to a client by a server. |
smtp_auth | analyzer smtp | no | Contains credentials for SMTP authentication. |
smtp_cmd | protocol smtp | no | Contains SMTP commands sent by clients. |
smtp_msg | analyzer smtp | yes | Generated for each SMTP message. |
smtp_reply | protocol smtp | no | Contains SMTP replies from the server. |
tftp_file | analyzer tftp | yes | Contains all the information about files transfered through TFTP. |
pom-ng/events.1375443037.txt.gz · Last modified: 2020/05/26 21:59 (external edit)