主权项 |
1. A network interface device comprising:
a first communication interface coupled to an information handling system; a second communication interface coupled to a management controller; a network port coupled to a network; a memory including first code and second code; and a processor operable to execute the first code to communicate network data packets between the first communication interface and the network port, and to execute the second code to:
launch a log module in response to a command from the management controller;receive, by the log module, a malicious packet marker from the information handling system;store, by the log module, the malicious packet marker to the memory;receive, by the log module, a job entry from a management system separate from the management controller, wherein the job entry is received via the management controller via the second communication interface; andin response to receiving the job entry, to:
monitor, by the log module, the network data packets flowing between the first communication interface and the network port;determine, by the log module, that a packet matches the malicious packet marker;store, by the log module, log information from the packet to the memory in response to determining that the packet matches the malicious packet marker; andsend, by the log module, the log information to the management controller via the second communication interface. |