Hi
Is there any logs that contains SMB stats ? why conn.log doesn’t contains SMB connection ?
I have bro 2.5
Thanks
Izik Birka
Hi
Is there any logs that contains SMB stats ? why conn.log doesn’t contains SMB connection ?
I have bro 2.5
Thanks
Izik Birka
Hi
Any idea ?
Hi,
I might be mistaken here, but I think that datastreams in smb can use
multiple tcp connections. For individual files, you should be able to look
at files log; if you want an aggregate, you will probably have to script
that yourself.
Johanna