The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on UDP/IP networks. DHCP server dynamically assigns an IP address to devices in the network.
In this article, I will discuss how do we get DHCP Logs by using Rust Programming Language. First of all, all the protocols and services maintain their logs in their specified locations but in the case of DHCP Server on Linux distribution, you won’t be able to get the DHCP Logs directly in the file system.
Before proceeding with this article, you should have your network with DHCP Server and Clients.
There are two phases in this article:
- How to redirect DHCP logs to a specified location (in a file)
- How to get the required logs with the help of Rust Programming
Logs Redirection
In the first phase, we will see how to redirect the logs in the specified location and then set the rotation of the logs (if needed).
There are certain steps which you have to follow:
Step 1: Add a rule file to /etc/rsyslog.d directory
This rule is defined to redirect DHCP Server Logs to a specific file so that we can read logs directly through the file (Using Rust Programming).
In the rsyslog.d directory, I’ve created a file called “00-dhcp-rule.conf” file which contains:
if $programname == 'dhcpd' then /var/log/dhcp.log & stopAbove line is used to redirect all the logs related to DHCP will store in the dhcp.log file.
Step 2: Setting up the Log Rotation
After adding a rule to rsyslog.d directory, now we have to add a line to the rsyslog file which resides in the “/etc/logrotate.d/” directory.
/var/log/dhcp.log
This line is added in the file to update logs on a regular basis (we can customize rotation as per our requirements).
Like we can add this line in daily basis segment:
/var/log/dhcp.log
{
rotate 7
daily
missingok
notifempty
delaycompress
compress
postrotate
/usr/lib/rsyslog/rsyslog-rotate
endscript
}So, we redirected the DHCP Logs successfully and now we can directly fetch all the logs with the help of Rust Program.
Fetch Desired Logs with Rust Program
With Rust Programming, we are going to filter out logs with some acceptance criteria, because in DHCP there are four scenarios:
- DHCPDISCOVER
- DHCPOFFER
- DHCPREQUEST
- DHCPACK/DHCPNAK
DHCP Logs are stored on the basis of the above four steps, and in this post, we are going to fetch logs related to DHCPACK, because DHCPACK gives us the details of those devices which are allocated with an IP Address from our DHCP Server and to keep track of the network we will filter out only DHCPACK logs.
Rust Program to Fetch the Desired Logs
use std::process::{Command, Output};
fn main() {
let result: Output = Command::new("grep")
.args(&["DHCPACK", "/var/log/dhcp.log"])
.output()
.expect("failed to execute command");
println!("stdout: {}", String::from_utf8_lossy(&result.stdout));
}In the above example, we’ve used the System Commands provided by the Standard Library, then apply the regular expression in the Linux distribution with the help of grep(global regular ecoression print) command.
And provide pattern (DHCPACK) in the dhcp.log file, and you can add use pattern according to your requirement and fetch the logs.
Output:
Hope you all will understand how to fetch DHCP Logs through Rust Programming.
Thanks for reading!
