Resources For IT Professionals
Post an article
Wikis - Page Details
Options
RSSSubscribe to Article (RSS)
Can You Improve This Article?
Positively! Click Sign In to add the tip, solution, correction or comment that will help other users.

Report inappropriate content using these instructions.
Wiki  >  TechNet Articles  >  Network Monitor SMB Filtering

Network Monitor SMB Filtering

Network Monitor SMB Filtering

Data Fields:

Field

Description

Example
SMB.Command Filter on a specific SMB Command number SMB.Command==0x2F
SMB.NTStatus Represents the error value of an SMB command.  The example looks for any frame with an error (non zero). SMB.NTStatus != 0

 Properties:

Property Description Example
SMBFileID The File ID for any kind of SMB request. SMBFileID==0x4000
SMBFileName The file name for an SMB request.  This might also be stored as conversation state information so there may not be associated frame data. SMBFileName.Contains("xxx")
SMBCommand Represents the SMB command for the current frame.  If two SMB Commands exist, this will only represent the last one. SMBCommand==0x2F
SMBPID Process ID for the SMB command based on the value in the SMB header. SMBPID==0x1234
SMBStatus SMB Status represented as a Numeric value. SMBStatus != 0

Return to the List of Top Level Protocols

Network Monitor Blog

, , [Edit tags]
Leave a Comment
  • Please add 5 and 8 and type the answer here:
  • Post
Wiki - Revision Comment List(Revision Comment)
Sort by: Published Date | Most Recent | Most Useful
Comments
Page 1 of 1 (1 items)
Wikis - Comment List
Sort by: Published Date | Most Recent | Most Useful
Posting comments is temporarily disabled until 10:00am PST on Saturday, December 14th. Thank you for your patience.
Comments
  • Posted by
    on 10 Sep 2013 1:19 PM

    Maheshkumar S Tiwari edited Revision 5. Comment: Added tags

Page 1 of 1 (1 items)