mcholste at gmail.com
Mon Apr 23 13:25:29 PDT 2012
A big +1 for this analyzer. Turning on this functionality on the
server-side impacts performance significantly, so being able to do
this on the network is a big win.
On Mon, Apr 23, 2012 at 3:17 PM, Seth Hall <seth at icir.org> wrote:
> On Apr 23, 2012, at 4:00 PM, relevant username wrote:
>> I was wondering if anyone had a script (or documentation) that logs SMB traffic and activities including file names and folders being read, written, connections, etc.
> I believe that this analyzer is broken. I'm still working on the rewrite of the SMB analyzer which initially will probably focus primarily around file transfers and some of the associated data.
> Seth Hall
> International Computer Science Institute
> (Bro) because everyone has a network
> Bro mailing list
> bro at bro-ids.org
More information about the Bro