Zeek_SMB.smb1_com_write_andx.bif.zeek¶

GLOBAL¶

Namespace: GLOBAL

Summary¶

Events¶

`smb1_write_andx_request`: `event`	Generated for SMB/CIFS version 1 requests of type write andx.
`smb1_write_andx_response`: `event`	Generated for SMB/CIFS version 1 responses of type write andx.

Detailed Interface¶

Events¶

smb1_write_andx_request¶

Type: event (c: connection, hdr: SMB1::Header, file_id: count, offset: count, data_len: count)

Generated for SMB/CIFS version 1 requests of type write andx. This is sent by the client to write bytes to a regular file, a named pipe, or a directly accessible I/O device such as a serial port (COM) or printer port (LPT).

For more information, see MS-CIFS:2.2.4.43

C: The connection.
Hdr: The parsed header of the SMB version 1 message.
Offset: The byte offset into the referenced file data is being written.
Data: The data being written.

smb1_write_andx_response¶

Type: event (c: connection, hdr: SMB1::Header, written_bytes: count)

Generated for SMB/CIFS version 1 responses of type write andx. This is the server response to the write andx request.

For more information, see MS-CIFS:2.2.4.43

C: The connection.
Hdr: The parsed header of the SMB version 1 message.
Written_bytes: The number of bytes the server reported having actually written.