pom-ng:proto:http
Table of Contents
Protocol http
This module parses HTTP connections as defined in RFC 2616.
Events
| Name | Payload associated | Description |
|---|---|---|
| http_query | no | Contains all the information about an HTTP query made by a client to a server. |
| http_response | no | Contains all the information about an HTTP response sent to a client by a server. |
If you are looking for a compound event containing information on both the query and the request, there is the event http_request from the http analyzer.
http_query
This event is generated for each client query addressed to a server.
| Field | Type | Description |
|---|---|---|
| first_line | string | First line of the request. Usually something like “GET / HTTP/1.1”. |
| proto_version | string | Version of the protocol used for the query if specified for example : “HTTP/1.1”. |
| method | string | HTTP method used. For example “GET” or “POST”. |
| url | string | URL requested by the client without the hostname. |
| start_time | timestamp | When the query started. |
| end_time | timestamp | When the query was fully sent. |
| headers | string list | List of headers in the query. |
http_response
This event is generated for each reply from the server to the client.
| Field | Type | Description |
|---|---|---|
| status | uint16 | Status code of the response. For example 200. |
| proto_version | string | Version of the protocol used for the query if specified for example : “HTTP/1.1”. |
| start_time | timestamp | When the query started. |
| end_time | timestamp | When the query was fully sent. |
| headers | string list | List of headers in the response. |
Packet fields
None.
Parameters
None.
pom-ng/proto/http.txt · Last modified: 2020/05/26 21:59 by 127.0.0.1