 | 1 | initial version |
smb2.cmd==9 - Command: Write (9)<br>
What do you get with smb2.cmd==9 && smb2.filename
That would display any packets that are SMB2 Writes and have a smb2.filename field.
Sample file smb2-peter.pcap on the Wireshark Wiki might be a good starting point if you want to explore a common file. Example of filtering on specific command (Create) and filename string.
smb2.cmd==5 && smb2.filename contains "txt"
| | 2 | No.2 Revision |
What do you get with smb2.cmd==9 && smb2.filename
That would display any packets that are SMB2 Writes and have a smb2.filename field.
Sample file smb2-peter.pcap on the Wireshark Wiki might be a good starting point if you want to explore a common file. Example of filtering on specific command (Create) and filename string.
smb2.cmd==5 && smb2.filename contains "txt"
| | 3 | No.3 Revision |
smb2.cmd==9 - Command: Write (9)
What do you get with smb2.cmd==9 && smb2.filename
That would display any packets that are SMB2 Writes and have a smb2.filename field.
Sample file smb2-peter.pcap on the Wireshark Wiki might be a good starting point if you want to explore a common file. Example of filtering on specific command (Create) and filename string.
smb2.cmd==5 && smb2.filename contains "txt"