[Bro] Parsing HTTP Traffic
Jamie Gausemel
jamie.gausemel at gmail.com
Fri Oct 24 08:46:16 PDT 2014
Could someone point me in the right direction... I simply need to parse out
usernames from HTTP packets that look like:
HTTP/1.1 200 OK
Server: nginx/1.4.2
Date: Wed, 22 Oct 2014 14:58:11 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 104
Connection: keep-alive
Set-Cookie: si=xxxxx; Max-Age=7199; Path=/; expires=Wed, 22-Oct-2014
16:58:11 GMT; HttpOnly
{"username": "first.last", "name": "first last", "groups": ["group name
goes here"]}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20141024/b993ac50/attachment.html
More information about the Bro
mailing list