cisagov / icsnpp-bacnet

Zeek BACnet Parser - CISA ICSNPP
BSD 3-Clause "New" or "Revised" License

reinitializeDevice Event Differentiation #25

Closed jcyprus closed 1 year ago

jcyprus commented 1 year ago

Feature Request

Give the parser the ability to differentiate between restarts, idle, and backup/restore actions during a reinitializeDevice event.

Feature Context

The BACnet event reinitializeDevice has multiple subcommands: warm restart, cold restart, idle, and different types of backups and restores. The current parser implementation treats all reinitializeDevice commands as the same BACnet header. This results in each of the event subcommands above being logged as a generic reinitializeDevice event.

Feature Value Add

Since these reinitializeDevice subcommands vary widely and each have different implications for the device they are issued to, users would benefit from the ability to know explicitly which subcommand is being sent. A user may leverage these subcommands to differentiate and rank the actions in varying importance as a part of their detection plan. For this reason, the inclusion of this data somewhere in the log would be useful to let the user know which exact subcommand is being sent.

Additionally, it may help the parser user to have an additional field in the header file that consists of all unparsed or not-explicitly-titled data.
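As an added example (not part of this issue and not icsnpp-bacnet's own parser code), the decode step the request describes: pulling the reinitializedStateOfDevice subcommand out of a ReinitializeDevice Confirmed-Request APDU so it can be logged by name. The enumeration values come from ASHRAE 135 (later protocol revisions add more; unrecognised codes are reported numerically), the APDU byte strings are constructed rather than captured, and segmented requests are out of scope.

```python
# Added example, not icsnpp-bacnet code; sample APDUs below are constructed.
from dataclasses import dataclass

# BACnetReinitializedStateOfDevice enumeration (ASHRAE 135); other codes are logged as unknown
REINIT_STATE = {
    0: "coldstart", 1: "warmstart", 2: "startbackup", 3: "endbackup",
    4: "startrestore", 5: "endrestore", 6: "abortrestore",
}
SERVICE_REINITIALIZE_DEVICE = 20   # confirmed service choice for reinitializeDevice

@dataclass
class ReinitializeDevice:
    invoke_id: int
    state: str
    password_present: bool

def _context_tag(buf: bytes, pos: int):
    """Return (tag_number, length, data_offset) for a context-specific tag at pos."""
    first = buf[pos]
    if not first & 0x08:               # bit 3 set marks a context-specific tag
        raise ValueError("expected context-specific tag at offset %d" % pos)
    tag, length, pos = first >> 4, first & 0x07, pos + 1
    if length == 5:                    # length field 5 means the next octet holds the length
        length, pos = buf[pos], pos + 1
    return tag, length, pos

def parse_reinitialize_device(apdu: bytes) -> ReinitializeDevice:
    """Parse an unsegmented Confirmed-Request APDU carrying reinitializeDevice."""
    if len(apdu) < 4 or apdu[0] >> 4 != 0:
        raise ValueError("not a Confirmed-Request APDU")
    if apdu[0] & 0x08:
        raise ValueError("segmented requests are not handled by this example")
    invoke_id, service = apdu[2], apdu[3]
    if service != SERVICE_REINITIALIZE_DEVICE:
        raise ValueError("service choice %d is not reinitializeDevice" % service)
    tag, length, pos = _context_tag(apdu, 4)   # [0] reinitializedStateOfDevice ENUMERATED
    if tag != 0 or length != 1:
        raise ValueError("malformed reinitializedStateOfDevice parameter")
    code = apdu[pos]
    state = REINIT_STATE.get(code, "unknown(%d)" % code)   # keep unknown codes visible in the log
    pos += 1
    password_present = False
    if pos < len(apdu):                        # [1] password CharacterString OPTIONAL
        tag, length, pos = _context_tag(apdu, pos)
        password_present = tag == 1 and length > 0
    return ReinitializeDevice(invoke_id, state, password_present)

# Constructed samples: a warm restart carrying password "pw", and a cold start without one.
WARMSTART_WITH_PW = bytes([0x00, 0x05, 0x2A, 0x14, 0x09, 0x01, 0x1B, 0x00, 0x70, 0x77])
COLDSTART_NO_PW = bytes([0x00, 0x05, 0x2B, 0x14, 0x09, 0x00])
```

The password is only reported as present or absent, which is usually what a detection rule needs without writing the credential itself into the log.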

Kleinspider commented 1 year ago

Version 1.4 contains additional parsing of reinitializeDevice and deviceCommunicationControl messages.

These events are now logged to bacnet_device_control.log.

Please let us know if you have any thoughts on the implementation or additional fields or messages to add to this log!