[Oisf-users] libhtp output format.
Victor Julien
victor at inliniac.net
Mon Jul 4 17:31:26 UTC 2011
On 07/04/2011 07:27 PM, Paul Halliday wrote:
> On Mon, Jul 4, 2011 at 2:19 PM, Victor Julien <victor at inliniac.net> wrote:
>> It's not documented, but it should be fairly self explanatory:
>>
>> timestamp, host header, normalized uri, ua header, srcip/sp, dstip/dp
>>
>> Does that help?
>
> Yup.
>
> [**] is a delimiter not a placeholder?
Indeed.
If you have some spare cycles you're welcome to document it on our wiki :)
Btw, Chris Wakelin wrote a patch to include some more info, see:
https://redmine.openinfosecfoundation.org/issues/38
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list