1HTTPRY(1)                   General Commands Manual                  HTTPRY(1)
2
3
4

NAME

6       httpry - HTTP logging and information retrieval tool
7

SYNOPSIS

9       httpry [ -dFpq ] [ -b file ] [ -f format ] [ -i device ] [ -m methods ]
10       [ -n count ] [ -o file ] [ -P file ] [ -r file ] [ -S bytes ] [ -u user
11       ] [ 'expression' ]
12       httpry -s [ -l threshold ] [ -t seconds ]
13       httpry -h
14

DESCRIPTION

16       httpry  is  a tool designed for displaying and logging HTTP traffic. It
17       is not designed to perform analysis itself,  but  instead  to  capture,
18       parse  and  log  the traffic for later analysis. It can be run in real-
19       time displaying the live traffic on the wire, or as  a  daemon  process
20       that logs to an output file.
21

OPTIONS

23       -b file
24              Write  all  processed  HTTP  packets to a binary pcap dump file.
25              Useful for further analysis of logged data.
26
27       -d     Run the program as a daemon process. All program  status  output
28              will be sent to syslog. A pid file is created for the process in
29              /var/run/httpry.pid by default. Requires an output  file  speci‐
30              fied with -o.
31
32       -f format
33              Provide a comma-delimited string specifying the parsed HTTP data
34              to output.  See the doc/format-string file for further  informa‐
35              tion regarding available options and syntax.
36
37       -F     Disable  all  output  buffering. This may be helpful when piping
38              httpry output into another program.
39
40       -h     Display a brief description of these options.
41
42       -i device
43              Specify an ethernet interface for the program to listen  on.  If
44              not  specified,  the  program will poll the system for a list of
45              interfaces and select the first one found.
46
47       -l threshold
48              Specify a requests per second rate threshold value when  running
49              in  rate  statistics  mode  (-s).  Only  hosts  with a rps value
50              greater than or equal to this number will be displayed. Defaults
51              to 1.
52
53       -m methods
54              Provide  a  comma-delimited  string  that  specifies the request
55              methods to parse.  The program defaults to parsing  all  of  the
56              standard  RFC2616  method strings if this option is not set. See
57              the doc/method-string file for more information.
58
59       -n count
60              Parse this number of HTTP packets and then exit. Defaults to  0,
61              which means loop forever.
62
63       -o file
64              Specify an output file for writing parsed packet data.
65
66       -p     Do not put the NIC in promiscuous mode on startup. Note that the
67              NIC could already be in that mode for another reason.
68
69       -P file
70              Specify a path and filename for creating the PID file in  daemon
71              mode.
72
73       -q     Suppress non-critical output (startup banner, statistics, etc.).
74
75       -r file
76              Provide an input capture file to read from instead of performing
77              a live capture. This option does not require root privileges.
78
79       -s     Run httpry in an HTTP request  per  second  display  mode.  This
80              periodically displays the rate per active host and total rate at
81              a specified interval.
82
83       -S     Specify a number of bytes to skip in the ethernet  header.  This
84              allows for custom header offsets to be accounted for.
85
86       -t seconds
87              Specify  the  host  statistics  display interval in seconds when
88              running in rate statistics mode (-s). Defaults to 5 seconds.
89
90       -u user
91              Specify an alternate user to take ownership of the  process  and
92              any  output  files. You will need root privileges to do this; it
93              will switch to the new user after initialization.
94
95       'expression'
96              Specify a bpf-style capture filter, overriding the default. Here
97              are a few basic examples starting with the default filter:
98
99               'tcp port 80 or 8080'
100               'tcp dst port 80'
101               'tcp dst port 80 and src host 192.168.1.1'
102
103              These  filters  will  capture all web traffic both directions on
104              two common ports, capture only requests made  to  port  80,  and
105              capture  requests to port 80 by a particular host, respectively.
106              See 'man tcpdump' for further  information  on  the  syntax  and
107              available primitives.
108

AUTHOR

110       httpry  was  written  by  Jason  Bittel  <jason.bittel@gmail.com>.  See
111       included COPYING file for specific licensing information
112
113
114
115                                                                     HTTPRY(1)
Impressum