[Oisf-users] libhtp output format.
Paul Halliday
paul.halliday at gmail.com
Mon Jul 4 17:27:09 UTC 2011
On Mon, Jul 4, 2011 at 2:19 PM, Victor Julien <victor at inliniac.net> wrote:
> It's not documented, but it should be fairly self explanatory:
>
> timestamp, host header, normalized uri, ua header, srcip/sp, dstip/dp
>
> Does that help?
Yup.
[**] is a delimiter not a placeholder?
>
> Cheers,
> Victor
>
> On 07/04/2011 07:14 PM, Paul Halliday wrote:
>> Yes.
>>
>> On Mon, Jul 4, 2011 at 2:11 PM, Victor Julien <victor at inliniac.net> wrote:
>>> On 07/04/2011 06:56 PM, Paul Halliday wrote:
>>>> Is the format documented anywhere?
>>>
>>> Do you mean the format of the http.log?
>>>
>>> --
>>> ---------------------------------------------
>>> Victor Julien
>>> http://www.inliniac.net/
>>> PGP: http://www.inliniac.net/victorjulien.asc
>>> ---------------------------------------------
>>>
>>> _______________________________________________
>>> Oisf-users mailing list
>>> Oisf-users at openinfosecfoundation.org
>>> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>>>
>>
>>
>>
>
>
> --
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------
>
>
--
Paul Halliday
http://www.squertproject.org/
More information about the Oisf-users
mailing list