Bro_SMB.smb2_com_set_info.bif.bro¶

Namespace:	GLOBAL
Source File:	`/scripts/base/bif/plugins/Bro_SMB.smb2_com_set_info.bif.bro`

Summary¶

`smb2_file_delete`: `event`	Generated for SMB/CIFS version 2 requests of type set_info of the delete subtype.
`smb2_file_rename`: `event`	Generated for SMB/CIFS version 2 requests of type set_info of the rename subtype.
`smb2_file_sattr`: `event`	Generated for SMB/CIFS version 2 requests of type set_info of the file subtype

smb2_file_delete¶

Type:	`event` (c: `connection`, hdr: `SMB2::Header`, file_id: `SMB2::GUID`, delete_pending: `bool`)

Generated for SMB/CIFS version 2 requests of type set_info of the delete subtype.

For more information, see MS-SMB2:2.2.39

C:	The connection.
Hdr:	The parsed header of the SMB version 2 message.
File_id:	The SMB2 GUID for the file.
Delete_pending:	A boolean value to indicate that a file should be deleted when it’s closed if set to T.

smb2_file_rename¶

Type:	`event` (c: `connection`, hdr: `SMB2::Header`, file_id: `SMB2::GUID`, dst_filename: `string`)

Generated for SMB/CIFS version 2 requests of type set_info of the rename subtype.

For more information, see MS-SMB2:2.2.39

C:	The connection.
Hdr:	The parsed header of the SMB version 2 message.
File_id:	A GUID to identify the file.
Dst_filename:	The filename to rename the file into.

smb2_file_sattr¶

Type:	`event` (c: `connection`, hdr: `SMB2::Header`, file_id: `SMB2::GUID`, times: `SMB::MACTimes`, attrs: `SMB2::FileAttrs`)

Generated for SMB/CIFS version 2 requests of type set_info of the file subtype

For more infomation, see MS-SMB2:2.2.39

C:	The connection.
Hdr:	The parsed header of the SMB version 2 message.
File_id:	The SMB2 GUID for the file.
Times:	Timestamps associated with the file in question.
Attrs:	File attributes.