-
timestamp
Time that the IP was probed in UTC+0
-
ip
The IP address of the device in question
-
protocol
Protocol that the response came on (always UDP)
-
port
Port that the response came from (389/UDP)
-
hostname
Reverse DNS name of the device in question
-
tag
Will always be ldap-udp
-
asn
ASN of where the device in question resides
-
geo
Country where the device in question resides
-
region
State / Province / Administrative region where the device in question resides
-
city
City in which the device in question resides
-
naics
North American Industry Classification System Code
-
sic
Standard Industrial Classification System Code
-
size
The size of the response (without UDP headers)
-
configuration_naming_context
Distinguished name of the root of the configuration naming context of the domain controller
-
current_time
The current system time on the domain controller
-
default_naming_context
Distinguished name of the default naming context of the domain controller
-
dns_host_name
DNS address of the domain controller
-
domain_controller_functionality
Integer indicating the functional level of the domain controller
-
domain_functionality
Integer indicating the functional level of the domain
-
ds_service_name
Distinguished name of the nTDSDSA object for the domain controller
-
forest_functionality
Integer indicating the functional level of the forest
-
highest_committed_usn
The update sequence number of the domain controller
-
is_global_catalog_ready
Boolean value indicating if this DC is a global catalog that has completed at least one synchronization of its global catalog data with its replication partners
-
is_synchronized
Boolean value indicating if the DC has completed at least one synchronization with its replication partners
-
ldap_service_name
The LDAP service name for the LDAP server on the domain controller
-
naming_contexts
Multivalued set of distinguished names
-
root_domain_naming_context
The distinguished name of the root domain naming context
-
schema_naming_context
The distinguished name of the root of the schema naming context
-
server_name
The distinguished name of the server object
-
subschema_subentry
The distinguished name for the location of the subSchema object where the classes and attributes in the directory are defined
-
supported_capabilities
A multivalued set of OIDs specifying the capabilities supported by the domain controller
-
supported_control
A multivalued set of OIDs specifying the LDAP controls supported by the domain controller
-
supported_ldap_policies
A multivalued set of strings specifying the LDAP administrative query policies supported by the domain controller
-
supported_ldap_version
Set of integers specifying the versions of LDAP supported by the domain controller
-
supported_sasl_mechanisms
A multivalued set of strings specifying the security mechanisms supported for SASL negotiation