diff --git a/LookupTables/fireware_msg_id_lookup_table.csv b/LookupTables/fireware_msg_id_lookup_table.csv
index 3218565..d659f12 100644
--- a/LookupTables/fireware_msg_id_lookup_table.csv
+++ b/LookupTables/fireware_msg_id_lookup_table.csv
@@ -573,3 +573,4 @@
 "7001-0008","INFO","Mobile Security / Endpoint Manager","Mobile device Not Compliant","Mobile device compliance status is Not Compliant, because it does not meet the compliance requirements."
 "7001-0009","INFO","Mobile Security / Endpoint Manager","Mobile device user session recreated","User session is recreated because the mobile device IP address changed."
 "7002-0000","INFO","Mobile Security / Endpoint Manager","Mobile device Authorization Agreement sign action","The Device Authorization Agreement is either accepted or declined by a user at the specified local time."
+"1600-0065","INFO","Networking / DHCP Server","DHCP Message","DHCP related Messages generated by builtin DHCP-Server"
diff --git a/content_pack_input.json b/content_pack_input.json
index f7258e8..84609d4 100644
--- a/content_pack_input.json
+++ b/content_pack_input.json
@@ -138,7 +138,7 @@
 "converters": [],
 "condition_type": "NONE",
 "condition_value": "",
- "order": 12
+ "order": 13
 }, {
 "title": "Firewall PacketFilter INFO 3000-0148",
 "type": "GROK",
@@ -191,6 +191,19 @@
 "condition_type": "REGEX",
 "condition_value": "^.*tcp|udp|icmp.*\((.*)\)$",
 "order": 1
+ }, {
+ "title": "Networking DHCP INFO 1600-0065",
+ "type": "GROK",
+ "cursor_strategy": "COPY",
+ "target_field": "",
+ "source_field": "message",
+ "configuration": {
+ "grok_pattern": "^.*\\) %{NOTSPACE:service}\\[%{NOTSPACE:process}\\]: msg_id=\"1600-0065\" %{DHCPMESSAGE:dhcp_message} to %{IPV4:dhcp_clientip} \\(%{MAC:dhcp_clientmac}\\) via vlan%{NOTSPACE:dhcp_clientvlan}"
+ },
+ "converters": [],
+ "condition_type": "REGEX",
+ "condition_value": "^.*msg_id=\"1600-0065\".*",
+ "order": 12
 }
 ]
 }],
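Review bot: The new extractor's grok_pattern in the `@@ -191,6 +191,19 @@` hunk hard-codes a single message shape (`<type> to <ip> (<mac>) via vlan<n>`) while its condition_value `^.*msg_id=\"1600-0065\".*` admits every 1600-0065 message, so any variant laid out differently — a DHCPDISCOVER or DHCPRELEASE line without a `to <ip>` clause, or an interface not named `vlanN`, if the builtin server emits such lines — produces no dhcp_* fields and no error, and any detection or lookup keyed on dhcp_clientip or dhcp_clientmac silently misses those events. Check the pattern against real samples of each message type and either loosen the tail, e.g. `via %{NOTSPACE:dhcp_clientif}`, or narrow condition_value to the shape the pattern actually handles. The pattern also relies on the custom `DHCPMESSAGE` grok pattern, which this commit ships in content_pack_lookuptables.json rather than in this pack, so the extractor only loads once that pack is installed first; that install-order dependency is worth stating in the pack description. The leading `^.*\\)` is a greedy prefix that backtracks over the whole message on every non-matching line; anchoring on the timestamp/host fields the other extractors already parse would be cheaper, though this is a minor point.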
diff --git a/content_pack_lookuptables.json b/content_pack_lookuptables.json
index 236d2f6..79d268c 100644
--- a/content_pack_lookuptables.json
+++ b/content_pack_lookuptables.json
@@ -6,7 +6,11 @@
 "streams": [],
 "outputs": [],
 "dashboards": [],
- "grok_patterns": [],
+ "grok_patterns": [{
+ "name": "DHCPMESSAGE",
+ "pattern": "(DHCPDISCOVER|DHCPOFFER|DHCPREQUEST|DHCPACK|DHCPNAK|DHCPRELEASE|DHCPDECLINE)"
+ }
+ ],
 "lookup_tables": [{
 "title": "Lookup Table Fireware msg ID to Description",
 "description": "Lookup Table for Watchguard msg ID's - http://www.watchguard.com/help/docs/fireware/11/en-US/log_catalog/index.html",
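Review bot: The DHCPMESSAGE alternation lists seven of the RFC 2131 message types but omits DHCPINFORM, so an INFORM line carrying this msg_id — if the builtin server logs one — fails the whole grok match in the consuming extractor and loses every dhcp_* field, not just the message type; adding it is a one-token change: `"pattern": "(DHCPDISCOVER|DHCPOFFER|DHCPREQUEST|DHCPACK|DHCPNAK|DHCPRELEASE|DHCPDECLINE|DHCPINFORM)"`. The group is unanchored and has no word boundaries, so it would also match a longer token that merely begins with one of these names; that is harmless in the current extractor because a literal ` to ` follows the reference, but wrapping the group in `\\b` at both ends would keep the pattern safe to reuse in other extractors. A short `"description"`-style comment is not available in strict JSON, so the pattern's intended scope (Fireware msg_id 1600-0065 lines only) should be recorded in the lookup table row or the pack description instead.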