base/bif/plugins/Bro_SMB.smb2_events.bif.bro

GLOBAL
Namespace:GLOBAL
Source File:/scripts/base/bif/plugins/Bro_SMB.smb2_events.bif.bro

Summary

Events

smb2_message: event Generated for SMB/CIFS version 2 messages.

Detailed Interface

Events

smb2_message
Type:event (c: connection, hdr: SMB2::Header, is_orig: bool)

Generated for SMB/CIFS version 2 messages.

See Wikipedia for more information about the SMB/CIFS protocol. Bro’s SMB/CIFS analyzer parses both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445.

C:The connection.
Hdr:The parsed header of the SMB version 2 message.
Is_orig:True if the message came from the originator side.

See also: smb1_message

Copyright 2016, The Bro Project. Last updated on January 10, 2019. Created using Sphinx 1.7.5.