Support #2647
closedhow i can get all http data
Description
for http analysis, i capture all http traffic and found that some characters can not show , it gave "...." instead , plese check "ids01.jpg"
and then i capture it use firefox, and i see the part of "..." are Chinese, please check "firefox01.jpg"
i wan to know how i can capture the all data use suricata?
thanks
Files
Updated by Victor Julien about 6 years ago
Please see https://suricata.readthedocs.io/en/latest/output/eve/eve-json-output.html?highlight=printable
You can specify 'http-body' and 'http-body-printable'. The first one will be lossless, base64 encoded.
Updated by yg lu about 6 years ago
Victor Julien wrote:
Please see https://suricata.readthedocs.io/en/latest/output/eve/eve-json-output.html?highlight=printable
You can specify 'http-body' and 'http-body-printable'. The first one will be lossless, base64 encoded.
thanks a lot, i got it , thanks again
Updated by Victor Julien about 6 years ago
- Status changed from New to Closed
- Priority changed from High to Normal
- Target version deleted (
4.0.5)