dhcp: update user guide

diff --git a/doc/userguide/partials/eve-log.yaml b/doc/userguide/partials/eve-log.yaml
index 88fbd5260178f8cf0c1d30706e8565dc4726d572..178281ba4f41a0ff22af120084fbc19362ac1f03 100644 (file)
--- a/doc/userguide/partials/eve-log.yaml
+++ b/doc/userguide/partials/eve-log.yaml
@@ -163,6 +163,14 @@ outputs:
             totals: yes       # stats for all threads merged together
             threads: no       # per thread stats
             deltas: no        # include delta values
+        - dhcp:
+            # DHCP logging requires Rust.
+            enabled: @rust_config_enabled@
+            # When extended mode is on, all DHCP messages are logged
+            # with full detail. When extended mode is off (the
+            # default), just enough information to map a MAC address
+            # to an IP address is logged.
+            extended: no
         # bi-directional flows
         - flow
         # uni-directional flows

diff --git a/doc/userguide/rules/intro.rst b/doc/userguide/rules/intro.rst
index 64604f0970e0d222eaa9eb754b16c95204b8a51d..ab71a5c20d05aa2a5d259af722ddaf3bf0ea0b9d 100644 (file)
--- a/doc/userguide/rules/intro.rst
+++ b/doc/userguide/rules/intro.rst
@@ -81,6 +81,7 @@ you can pick from. These are:
 * ikev2 (depends on rust availability)
 * krb5 (depends on rust availability)
 * ntp (depends on rust availability)
+* dhcp (depends on rust availability)
 
 The availability of these protocols depends on whether the protocol is enabled in the configuration file suricata.yaml.