base/bif/plugins/Zeek_SMB.smb1_com_write_andx.bif.zeek¶
-
GLOBAL¶
| Namespace: | GLOBAL |
|---|
Summary¶
Events¶
smb1_write_andx_request: event |
Generated for SMB/CIFS version 1 requests of type write andx. |
smb1_write_andx_response: event |
Generated for SMB/CIFS version 1 responses of type write andx. |
Detailed Interface¶
Events¶
-
smb1_write_andx_request¶ Type: event(c:connection, hdr:SMB1::Header, file_id:count, offset:count, data_len:count)Generated for SMB/CIFS version 1 requests of type write andx. This is sent by the client to write bytes to a regular file, a named pipe, or a directly accessible I/O device such as a serial port (COM) or printer port (LPT).
For more information, see MS-CIFS:2.2.4.43
C: The connection. Hdr: The parsed header of the SMB version 1 message. Offset: The byte offset into the referenced file data is being written. Data: The data being written. See also:
smb1_message,smb1_write_andx_response
-
smb1_write_andx_response¶ Type: event(c:connection, hdr:SMB1::Header, written_bytes:count)Generated for SMB/CIFS version 1 responses of type write andx. This is the server response to the write andx request.
For more information, see MS-CIFS:2.2.4.43
C: The connection. Hdr: The parsed header of the SMB version 1 message. Written_bytes: The number of bytes the server reported having actually written. See also:
smb1_message,smb1_write_andx_request