pom-ng:analyzer:http
Table of Contents
Analyzer http
This analyzer listens for http_query and http_response events as well as http packets and generates the http_request event and its associated payloads.
Events
| Name | Payload associated | Description |
|---|---|---|
| http_request | yes | Compound event containing informations from both http_query and http_response event. |
http_request
| Field | Type | Description |
|---|---|---|
| server_name | string | Hostname of the server, fetched from the header “Host” in the query. |
| server_addr | ipv4 or ipv6 | IPv4 or IPv6 address of the server. |
| client_addr | ipv4 or ipv6 | IPv4 or IPv6 address of the client. |
| server_port | uint16 | Port on the server side. |
| client_port | uint16 | Port on the client side. |
| request_proto | string | HTTP protocol version used for the request. |
| request_method | string | HTTP method used (e.g. GET, POST, …). |
| first_line | string | First line of the query. |
| url | string | URL requested. |
| query_time | timestamp | Time when the query was sent. |
| response_time | timestamp | Time when the response was sent. |
| username | string | Name of the user. |
| password | string | Password of the user. |
| status | uint16 | Response status. |
| query_headers | string list | List of headers in the query. |
| response_headers | string list | List of headers in the response. |
| post_data | string list | List of POST data from forms on the pages. |
| query_size | uint64 | Size of the query payload. |
| response_size | uint64 | Size of the response payload. |
pom-ng/analyzer/http.txt · Last modified: 2020/05/26 21:59 by 127.0.0.1