DHCP Server Logs

Overview

Evidence: DHCP Server Logs Description: Collect DHCP Server Logs Category: Applications Platform: aix Short Name: dhcpl Is Parsed: No Sent to Investigation Hub: No Collect File(s): Yes

Background

DHCP client daemon logs on AIX are stored in /usr/tmp/dhcpcd.log. These logs record DHCP client activities including IP address assignments, lease renewals, and DHCP server communications on AIX systems.

Data Collected

This collector gathers structured data about dhcp server logs.

Collection Method

This collector gathers DHCP client daemon logs from /usr/tmp/dhcpcd.log, which contains AIX DHCP client operational logs and network configuration activities.

Forensic Value

DHCP logs on AIX help track network configuration changes, IP address assignments, and network connectivity timeline. They're useful for investigating network-based attacks and establishing system network presence on AIX systems.

Notes

Artifact collector for AIX. Locations: /usr/tmp/dhcpcd.log