[Bro] smb log add new field

ps sunu pssunu6 at gmail.com
Thu Nov 2 02:25:37 PDT 2017


Hi,
                    I need to add new filed in smb_mapping.log and and
smb_files.log, i tried below code
but its giving error


@load base/protocols/smb

module SMB;

#redef LogAscii::use_json = T;
export
  {

 }
redef record SMB::TreeInfo +=   {
    orig_country_code: string &log &optional;


  };

nternal warning in ././trybro.bro, line 10: Can't document redef of
SMB::TreeInfo, identifier lookup failed
internal warning in ././trybro.bro, line 11: Can't document record field
orig_country_code, unknown record: SMB::TreeInfo
error in ././trybro.bro, line 10: unknown identifier (SMB::TreeInfo)



Regards,
Sunu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20171102/db81c608/attachment.html 


More information about the Bro mailing list