MAN page from RedHat EL 8 httpry-0.1.8-1.el8.x86_64.rpm
Section: User Commands (1)Index
httpry - HTTP logging and information retrieval tool
SYNOPSIShttpry [ -dFpq ] [ -b file ] [ -f format ] [ -i device ] [ -m methods ] [ -n count ] [ -o file ] [ -P file ] [ -r file ] [ -S bytes ] [ -u user ] [ 'expression' ]httpry -s [ -l threshold ] [ -t seconds ]httpry -h
httpryis a tool designed for displaying and logging HTTP traffic. It is not designedto perform analysis itself, but instead to capture, parse and log the trafficfor later analysis. It can be run in real-time displaying the live traffic onthe wire, or as a daemon process that logs to an output file.
- -b file
- Write all processed HTTP packets to a binary pcap dump file. Useful forfurther analysis of logged data.
- Run the program as a daemon process. All program status output will be sentto syslog. A pid file is created for the process in /var/run/httpry.pid bydefault. Requires an output file specified with -o.
- -f format
- Provide a comma-delimited string specifying the parsed HTTP data to output.See the doc/format-string file for further information regarding availableoptions and syntax.
- Disable all output buffering. This may be helpful when piping httpry outputinto another program.
- Display a brief description of these options.
- -i device
- Specify an ethernet interface for the program to listen on. If not specified,the program will poll the system for a list of interfaces and select thefirst one found.
- -l threshold
- Specify a requests per second rate threshold value when running in ratestatistics mode (-s). Only hosts with a rps value greater than or equal tothis number will be displayed. Defaults to 1.
- -m methods
- Provide a comma-delimited string that specifies the request methods to parse.The program defaults to parsing all of the standard RFC2616 method strings ifthis option is not set. See the doc/method-string file for more information.
- -n count
- Parse this number of HTTP packets and then exit. Defaults to 0, which meansloop forever.
- -o file
- Specify an output file for writing parsed packet data.
- Do not put the NIC in promiscuous mode on startup. Note that the NIC couldalready be in that mode for another reason.
- -P file
- Specify a path and filename for creating the PID file in daemon mode.
- Suppress non-critical output (startup banner, statistics, etc.).
- -r file
- Provide an input capture file to read from instead of performinga live capture. This option does not require root privileges.
- Run httpry in an HTTP request per second display mode. This periodicallydisplays the rate per active host and total rate at a specified interval.
- Specify a number of bytes to skip in the ethernet header. This allows forcustom header offsets to be accounted for.
- -t seconds
- Specify the host statistics display interval in seconds when running inrate statistics mode (-s). Defaults to 5 seconds.
- -u user
- Specify an alternate user to take ownership of the process and any outputfiles. You will need root privileges to do this; it will switch to the newuser after initialization.
- Specify a bpf-style capture filter, overriding the default. Here are a fewbasic examples starting with the default filter:
'tcp port 80 or 8080'
'tcp dst port 80'
'tcp dst port 80 and src host 192.168.1.1'
These filters will capture all web traffic both directions on two commonports, capture only requests made to port 80, and capture requests to port80 by a particular host, respectively. See 'man tcpdump' for furtherinformation on the syntax and available primitives.
was written by Jason Bittel <jason.bittelAATTgmail.com>. See included COPYINGfile for specific licensing information
This document was created byman2html,using the manual pages.