base/bif/plugins/Zeek_SMB.smb2_events.bif.zeek¶
-
GLOBAL¶
| Namespace: | GLOBAL |
|---|
Summary¶
Events¶
smb2_message: event |
Generated for SMB/CIFS version 2 messages. |
Detailed Interface¶
Events¶
-
smb2_message¶ Type: event(c:connection, hdr:SMB2::Header, is_orig:bool)Generated for SMB/CIFS version 2 messages.
See Wikipedia for more information about the SMB/CIFS protocol. Zeek’s SMB/CIFS analyzer parses both SMB-over-NetBIOS on ports 138/139 and SMB-over-TCP on port 445.
C: The connection. Hdr: The parsed header of the SMB version 2 message. Is_orig: True if the message came from the originator side. See also:
smb1_message