base/bif/plugins/Zeek_SMB.smb1_com_nt_create_andx.bif.zeek
Namespace: GLOBAL
Summary
Events
smb1_nt_create_andx_request: event | Generated for SMB/CIFS version 1 requests of type nt create andx.
smb1_nt_create_andx_response: event | Generated for SMB/CIFS version 1 responses of type nt create andx.
Detailed Interface
Events
- smb1_nt_create_andx_request
- Type: event (c: connection, hdr: SMB1::Header, file_name: string)
Generated for SMB/CIFS version 1 requests of type nt create andx. The client sends this request to create and open a new file, to open an existing file, to open and truncate an existing file to zero length, to create a directory, or to create a connection to a named pipe.
For more information, see MS-CIFS:2.2.4.64
- Parameters
c – The connection.
hdr – The parsed header of the SMB version 1 message.
file_name – The name attribute specified in the message.
See also: smb1_message, smb1_nt_create_andx_response
- smb1_nt_create_andx_response
- Type: event (c: connection, hdr: SMB1::Header, file_id: count, file_size: count, times: SMB::MACTimes)
Generated for SMB/CIFS version 1 responses of type nt create andx. This is the server response to the nt create andx request.
For more information, see MS-CIFS:2.2.4.64
- Parameters
c – The connection.
hdr – The parsed header of the SMB version 1 message.
file_id – The SMB2 GUID for the file.
file_size – Size of the file.
times – Timestamps associated with the file in question.
See also: smb1_message, smb1_nt_create_andx_request
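The two events above can be paired to record which name each returned file ID belongs to. The following script is an added example, not part of the Zeek distribution; the module name `SMB1CreateExample`, the `pending` table and the one-minute expiry are assumptions, and pairing on the connection UID plus `hdr$mid` alone is a simplification.

```zeek
module SMB1CreateExample;

# File names from requests that have not been answered yet, keyed by the
# connection UID and the SMB1 multiplex ID (hdr$mid) that the server echoes
# in its response. Entries for unanswered requests expire after one minute.
global pending: table[string, count] of string &create_expire=1 min;

event smb1_nt_create_andx_request(c: connection, hdr: SMB1::Header, file_name: string)
	{
	pending[c$uid, hdr$mid] = file_name;
	}

event smb1_nt_create_andx_response(c: connection, hdr: SMB1::Header,
                                   file_id: count, file_size: count,
                                   times: SMB::MACTimes)
	{
	# A response whose request was not captured (for example after packet
	# loss) is still reported, with a placeholder instead of the name.
	local name = "<request not seen>";

	if ( [c$uid, hdr$mid] in pending )
		{
		name = pending[c$uid, hdr$mid];
		delete pending[c$uid, hdr$mid];
		}

	print fmt("%s %s -> %s nt_create_andx name=%s file_id=%d size=%d modified=%s created=%s",
	          c$uid, c$id$orig_h, c$id$resp_h, name, file_id, file_size,
	          times$modified, times$created);
	}
```

Saved under a name of your choice (here `smb1-create.zeek`), it can be run against a capture with `zeek -r trace.pcap smb1-create.zeek`; both file names are placeholders.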