base/bif/plugins/Zeek_SMB.smb2_com_session_setup.bif.zeek

GLOBAL
Namespace

GLOBAL

Summary

Events

smb2_session_setup_request: event

Generated for SMB/CIFS version 2 requests of type session_setup.

smb2_session_setup_response: event

Generated for SMB/CIFS version 2 responses of type session_setup.

Detailed Interface

Events

smb2_session_setup_request
Type

event (c: connection, hdr: SMB2::Header, request: SMB2::SessionSetupRequest)

Generated for SMB/CIFS version 2 requests of type session_setup. This is sent by the client to request a new authenticated session within a new or existing SMB 2 Protocol transport connection to the server.

For more information, see MS-SMB2:2.2.5

Parameters
  • c – The connection.

  • hdr – The parsed header of the SMB version 2 message.

  • request – A record containing more information related to the request.

See also: smb2_message, smb2_session_setup_response

smb2_session_setup_response
Type

event (c: connection, hdr: SMB2::Header, response: SMB2::SessionSetupResponse)

Generated for SMB/CIFS version 2 responses of type session_setup. This is sent by the server in response to a session_setup request.

For more information, see MS-SMB2:2.2.6

Parameters
  • c – The connection.

  • hdr – The parsed header of the SMB version 2 message.

  • response – A record containing more information related to the response.

See also: smb2_message, smb2_session_setup_request