base/bif/plugins/Zeek_SMB.smb1_com_transaction.bif.zeek
- GLOBAL
- Namespace
GLOBAL
Summary
Events
Generated for SMB/CIFS version 1 requests of type transaction. |
|
Generated for SMB/CIFS version 1 requests of type transaction. |
Detailed Interface
Events
- smb1_transaction_request
- Type
event
(c:connection
, hdr:SMB1::Header
, name:string
, sub_cmd:count
, parameters:string
, data:string
)
Generated for SMB/CIFS version 1 requests of type transaction. This command serves as the transport for the Transaction Subprotocol Commands. These commands operate on mailslots and named pipes, which are interprocess communication endpoints within the CIFS file system.
For more information, see MS-CIFS:2.2.4.33.1
- C
The connection.
- Hdr
The parsed header of the SMB version 1 message.
- Name
A name string that MAY identify the resource (a specific Mailslot or Named Pipe) against which the operation is performed.
- Sub_cmd
The sub command, some may be parsed and have their own events.
- Parameters
content of the SMB_Data.Trans_Parameters field
- Data
content of the SMB_Data.Trans_Data field
See also:
smb1_message
,smb1_transaction2_request
- smb1_transaction_response
- Type
event
(c:connection
, hdr:SMB1::Header
, parameters:string
, data:string
)
Generated for SMB/CIFS version 1 requests of type transaction. This command serves as the transport for the Transaction Subprotocol Commands. These commands operate on mailslots and named pipes, which are interprocess communication endpoints within the CIFS file system.
For more information, see MS-CIFS:2.2.4.33.2
- C
The connection.
- Hdr
The parsed header of the SMB version 1 message.
- Parameters
content of the SMB_Data.Trans_Parameters field
- Data
content of the SMB_Data.Trans_Data field