base/bif/plugins/Bro_SMB.smb2_com_close.bif.bro
-
GLOBAL
| Namespace: | GLOBAL |
|---|---|
| Source File: | /scripts/base/bif/plugins/Bro_SMB.smb2_com_close.bif.bro |
Summary
Events
smb2_close_request: event |
Generated for SMB/CIFS version 2 requests of type close. |
smb2_close_response: event |
Generated for SMB/CIFS version 2 responses of type close. |
Detailed Interface
Events
-
smb2_close_request Type: event(c:connection, hdr:SMB2::Header, file_id:SMB2::GUID)Generated for SMB/CIFS version 2 requests of type close. This is used by the client to close an instance of a file that was opened previously with a successful SMB2 CREATE Request.
For more information, see MS-SMB2:2.2.15
C: The connection. Hdr: The parsed header of the SMB version 2 message. File_name: The SMB2 GUID of the file being closed. See also:
smb2_message,smb2_close_response
-
smb2_close_response Type: event(c:connection, hdr:SMB2::Header, response:SMB2::CloseResponse)Generated for SMB/CIFS version 2 responses of type close. This is sent by the server to indicate that an SMB2 CLOSE request was processed successfully.
For more information, see MS-SMB2:2.2.16
C: The connection. Hdr: The parsed header of the SMB version 2 message. Response: A record of attributes returned from the server from the close. See also:
smb2_message,smb2_close_request
Copyright 2016, The Bro Project.
Last updated on December 07, 2018.
Created using Sphinx 1.8.2.