base/bif/plugins/Zeek_NTLM.events.bif.zeek

GLOBAL
Namespace:

GLOBAL

Summary

Events

ntlm_authenticate: event

Generated for NTLM messages of type authenticate.

ntlm_challenge: event

Generated for NTLM messages of type challenge.

ntlm_negotiate: event

Generated for NTLM messages of type negotiate.

Detailed Interface

Events

ntlm_authenticate
Type:

event (c: connection, request: NTLM::Authenticate)

Generated for NTLM messages of type authenticate.

Parameters:
  • c – The connection.

  • request – The parsed data of the NTLM message. See init-bare for more details.

See also: ntlm_negotiate, ntlm_challenge

ntlm_challenge
Type:

event (c: connection, challenge: NTLM::Challenge)

Generated for NTLM messages of type challenge.

Parameters:
  • c – The connection.

  • negotiate – The parsed data of the NTLM message. See init-bare for more details.

See also: ntlm_negotiate, ntlm_authenticate

ntlm_negotiate
Type:

event (c: connection, negotiate: NTLM::Negotiate)

Generated for NTLM messages of type negotiate.

Parameters:
  • c – The connection.

  • negotiate – The parsed data of the NTLM message. See init-bare for more details.

See also: ntlm_challenge, ntlm_authenticate