diff --git a/scripts/base/protocols/smb/consts.bro b/scripts/base/protocols/smb/consts.bro
index 965541c640..82d9087c08 100644
--- a/scripts/base/protocols/smb/consts.bro
+++ b/scripts/base/protocols/smb/consts.bro
@@ -125,6 +125,20 @@ export {
 [0x10] = "GET_DFS_REFERRAL",
 [0x11] = "REPORT_DFS_INCONSISTENCY",
 } &default=function(i: count):string { return fmt("unknown-trans2-sub-cmd-%d", i); };
+
+ const trans_sub_commands: table[count] of string = {
+ [0x01] = "SET_NMPIPE_STATE",
+ [0x11] = "RAW_READ_NMPIPE",
+ [0x21] = "QUERY_NMPIPE_STATE",
+ [0x22] = "QUERY_NMPIPE_INFO",
+ [0x23] = "PEEK_NMPIPE",
+ [0x26] = "TRANSACT_NMPIPE",
+ [0x31] = "RAW_WRITE_NMPIPE",
+ [0x36] = "READ_NMPIPE",
+ [0x37] = "WRITE_NMPIPE",
+ [0x53] = "WAIT_NMPIPE",
+ [0x54] = "CALL_NMPIPE",
+ } &default=function(i: count):string { return fmt("unknown-trans-sub-cmd-%d", i); };
 }
 
 module SMB2;
diff --git a/scripts/base/protocols/smb/smb1-main.bro b/scripts/base/protocols/smb/smb1-main.bro
index dd887cd2ca..af3aca97e4 100644
--- a/scripts/base/protocols/smb/smb1-main.bro
+++ b/scripts/base/protocols/smb/smb1-main.bro
@@ -307,4 +307,9 @@ event smb_ntlm_authenticate(c: connection, hdr: SMB1::Header, request: SMB::NTLM
 {
 c$smb_state$uid_map[hdr$uid] = user;
 }
+ }
+
+event smb1_transaction_request(c: connection, hdr: SMB1::Header, name: string, sub_cmd: count)
+ {
+ c$smb_state$current_cmd$sub_command = SMB1::trans_sub_commands[sub_cmd];
 }
\ No newline at end of file
diff --git a/src/analyzer/protocol/smb/CMakeLists.txt b/src/analyzer/protocol/smb/CMakeLists.txt
index 64cb6fe558..301ff1b17f 100644
--- a/src/analyzer/protocol/smb/CMakeLists.txt
+++ b/src/analyzer/protocol/smb/CMakeLists.txt
@@ -20,6 +20,7 @@ bro_plugin_bif(
 smb1_com_query_information.bif
 smb1_com_read_andx.bif
 smb1_com_session_setup_andx.bif
+ smb1_com_transaction.bif
 smb1_com_transaction2.bif
 smb1_com_tree_connect_andx.bif
 smb1_com_tree_disconnect.bif
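Review bot: The new `trans_sub_commands` table is exported without a `##` doc comment, so its meaning (the codes are all named-pipe operations, as the `_NMPIPE` suffixes show) and the `unknown-trans-sub-cmd-%d` fallback are not visible to script authors or the generated docs. If the neighbouring tables in this `export` block carry `##` comments, this one should match them; something like `## Sub-command codes of SMB1 TRANSACTION requests (named-pipe operations) mapped to their names.` and `## Unknown codes render as "unknown-trans-sub-cmd-N".` above the `const` line would do. The `&default` function mirrors the trans2 table's style, which is good for consistency in logs.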
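Review bot: The new `smb1_transaction_request` handler receives the pipe `name` but never uses it, so the one attribute that tells a defender what a TRANSACTION request is addressing is dropped before it reaches any log. If `SMB::CmdInfo` has a field for the command's argument (I cannot see its definition from here), `name` belongs there next to `sub_command`; otherwise a short comment stating that the name is intentionally not recorded would stop the next reader from treating this as an oversight. The handler also writes `c$smb_state$current_cmd$sub_command` with no check that `smb_state` and `current_cmd` are set; presumably a generic SMB1 message handler elsewhere in this file initialises them before per-command events fire, but that should be confirmed, since an unset field here aborts the handler at runtime. A one-line `##` comment on the event handler describing what it records would also be welcome.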
diff --git a/src/analyzer/protocol/smb/smb.pac b/src/analyzer/protocol/smb/smb.pac
index 597e54a7c1..8249780e5a 100644
--- a/src/analyzer/protocol/smb/smb.pac
+++ b/src/analyzer/protocol/smb/smb.pac
@@ -21,6 +21,7 @@
 #include "smb1_com_query_information.bif.h"
 #include "smb1_com_read_andx.bif.h"
 #include "smb1_com_session_setup_andx.bif.h"
+#include "smb1_com_transaction.bif.h"
 #include "smb1_com_transaction2.bif.h"
 #include "smb1_com_tree_connect_andx.bif.h"
 #include "smb1_com_tree_disconnect.bif.h"
diff --git a/src/analyzer/protocol/smb/smb1-com-transaction.pac b/src/analyzer/protocol/smb/smb1-com-transaction.pac
index d0e2a0e352..915a2e3c81 100644
--- a/src/analyzer/protocol/smb/smb1-com-transaction.pac
+++ b/src/analyzer/protocol/smb/smb1-com-transaction.pac
@@ -9,7 +9,9 @@ refine connection SMB_Conn += {
 function proc_smb1_transaction_request(header: SMB_Header, val: SMB1_transaction_request): bool
 %{
- //printf("transaction_request\n");
+ if ( smb1_transaction_request )
+ BifEvent::generate_smb1_transaction_request(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header), \
+ smb_string2stringval(${val.name}), ${val.sub_cmd});
 return true;
 %}
 
 function proc_smb1_transaction_response(header: SMB_Header, val: SMB1_transaction_response): bool
diff --git a/src/analyzer/protocol/smb/smb1_com_transaction.bif b/src/analyzer/protocol/smb/smb1_com_transaction.bif
new file mode 100644
index 0000000000..05fe0fae67
--- /dev/null
+++ b/src/analyzer/protocol/smb/smb1_com_transaction.bif
@@ -0,0 +1 @@
+event smb1_transaction_request%(c: connection, hdr: SMB1::Header, name: string, sub_cmd: count%);
\ No newline at end of file
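Review bot: The event call in `proc_smb1_transaction_request` passes `${val.sub_cmd}` unconditionally, but the `SMB1_transaction_request` type that defines `sub_cmd` is outside this hunk; if that field is derived from the setup words and the grammar admits a request with no setup words, the value handed to script-land would be undefined or a parse failure rather than a meaningful code, so that definition should be checked before this goes in. The trailing `\` after `BuildHeaderVal(header),` is a C++ line splice inside the `%{ %}` block and is not needed to continue a function-call argument list; dropping it keeps the generated code cleaner, i.e. `BifEvent::generate_smb1_transaction_request(bro_analyzer(), bro_analyzer()->Conn(), BuildHeaderVal(header),` followed by `smb_string2stringval(${val.name}), ${val.sub_cmd});`. The enclosing `refine connection SMB_Conn += {` block begins before the hunk; the function itself is fully visible.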
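Review bot: The new `smb1_transaction_request` event declaration in `smb1_com_transaction.bif` has no `##` documentation, so the generated event reference will show bare parameter names. It should get a comment block stating that the event is generated for SMB1 TRANSACTION requests (it is raised from `proc_smb1_transaction_request` in smb1-com-transaction.pac), then one `## c:`, `## hdr:`, `## name:` and `## sub_cmd:` entry each, with `name` described as the pipe name carried in the request and `sub_cmd` as the sub-command code that `SMB1::trans_sub_commands` maps to a string. Other `.bif` files in this directory presumably follow that layout, so matching whichever form they use keeps the documentation uniform.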