How to identify Device in logs?

Eduardo2 years ago

How to identify Device in logs?

2022-06-30 14:43:58  INFO: [T901b3ce7: gt06 > 186.227.158.6] 78780522000a8b500d0a
2022-06-30 14:43:58  INFO: Position filtered by Invalid filters from device: 357789641125452
2022-06-30 14:43:59  INFO: user: 1, report: events, from: 2022-06-29 23:00, to: 2022-06-30 14:43, devices: [5256], groups: []
2022-06-30 14:44:02  INFO: user: 1, report: events, from: 2022-06-29 23:00, to: 2022-06-30 14:44, devices: [5256], groups: []
2022-06-30 14:44:03  INFO: [T901b3ce7: gt06 < 186.227.158.6] 78783c2201035778964112545216060f14032c16060f133723c90222287804b8b3f24838d70902d41f0a2800a0974604e6286400020000010000090005f14a0d0a
2022-06-30 14:44:03  INFO: [T901b3ce7: gt06 > 186.227.158.6] 78780522000573a70d0a
2022-06-30 14:44:03  INFO: Position filtered by Invalid filters from device: 357789641125452
2022-06-30 14:44:05  INFO: user: 1, report: events, from: 2022-06-29 23:00, to: 2022-06-30 14:44, devices: [5256], groups: []
2022-06-30 14:44:06  INFO: [Td75a3906] connected
2022-06-30 14:44:08  INFO: user: 1, report: events, from: 2022-06-29 23:00, to: 2022-06-30 14:44, devices: [5256], groups: []
2022-06-30 14:44:08  INFO: [T901b3ce7: gt06 < 186.227.158.6] 78783c2201035778964112545216060f14072416060f140724c70221f80004b88deb0038b40902d41f0a2800a0974604f82864000200000200000b0007dc100d0a
2022-06-30 14:44:08  INFO: [T901b3ce7: gt06 > 186.227.158.6] 78780522000750b50d0a
2022-06-30 14:44:08  INFO: Position filtered by Invalid filters from device: 357789641125452
2022-06-30 14:44:08  INFO: [Td75a3906: mxt < 186.227.159.6]
Anton Tananaev2 years ago

What do you mean? I see the device id in your log. Do you need something else?

Eduardo2 years ago

In this line how to identify?

2022-06-30 14:44:08  INFO: [T901b3ce7: gt06 < 186.227.158.6] 78783c2201035778964112545216060f14072416060f140724c70221f80004b88deb0038b40902d41f0a2800a0974604f82864000200000200000b0007dc100d0a
Anton Tananaev2 years ago

All the data is filtered, so it's hard to tell. But if it wasn't filtered, you'll see decoded messages with the same connection id T901b3ce7. That's how you can identify it. Alternatively you need to find the login message and decode the binary format according to the protocol to find the id.