lunar (1) httpry.1.gz

Provided by: httpry_0.1.8-3_amd64 bug

NAME

       httpry - HTTP logging and information retrieval tool

SYNOPSIS

       httpry  [ -dFpq ] [ -b file ] [ -f format ] [ -i device ] [ -m methods ] [ -n count ] [ -o
       file ] [ -P file ] [ -r file ] [ -S bytes ] [ -u user ] [ 'expression' ]
       httpry -s [ -l threshold ] [ -t seconds ]
       httpry -h

DESCRIPTION

       httpry is a tool designed for displaying and logging HTTP traffic. It is not  designed  to
       perform  analysis  itself,  but  instead  to  capture, parse and log the traffic for later
       analysis. It can be run in real-time displaying the live traffic on  the  wire,  or  as  a
       daemon process that logs to an output file.

OPTIONS

       -b file
              Write  all  processed  HTTP  packets to a binary pcap dump file. Useful for further
              analysis of logged data.

       -d     Run the program as a daemon process. All program status  output  will  be  sent  to
              syslog.  A  pid  file is created for the process in /var/run/httpry.pid by default.
              Requires an output file specified with -o.

       -f format
              Provide a comma-delimited string specifying the parsed HTTP data  to  output.   See
              the  doc/format-string file for further information regarding available options and
              syntax.

       -F     Disable all output buffering. This may be helpful when piping  httpry  output  into
              another program.

       -h     Display a brief description of these options.

       -i device
              Specify  an  ethernet interface for the program to listen on. If not specified, the
              program will poll the system for a list of interfaces  and  select  the  first  one
              found.

       -l threshold
              Specify  a requests per second rate threshold value when running in rate statistics
              mode (-s). Only hosts with a rps value greater than or equal to this number will be
              displayed. Defaults to 1.

       -m methods
              Provide  a comma-delimited string that specifies the request methods to parse.  The
              program defaults to parsing all of the standard  RFC2616  method  strings  if  this
              option is not set. See the doc/method-string file for more information.

       -n count
              Parse  this  number  of HTTP packets and then exit. Defaults to 0, which means loop
              forever.

       -o file
              Specify an output file for writing parsed packet data.

       -p     Do not put the NIC in promiscuous mode on startup. Note that the NIC could  already
              be in that mode for another reason.

       -P file
              Specify a path and filename for creating the PID file in daemon mode.

       -q     Suppress non-critical output (startup banner, statistics, etc.).

       -r file
              Provide  an  input  capture file to read from instead of performing a live capture.
              This option does not require root privileges.

       -s     Run httpry in an HTTP request per second display mode. This  periodically  displays
              the rate per active host and total rate at a specified interval.

       -S     Specify  a  number  of bytes to skip in the ethernet header. This allows for custom
              header offsets to be accounted for.

       -t seconds
              >>>>>>> HEAD~0 Specify the host statistics display interval in seconds when running
              in rate statistics mode (-s). Defaults to 5 seconds.

       -u user
              Specify  an  alternate  user to take ownership of the process and any output files.
              You will need root privileges to do this; it will switch  to  the  new  user  after
              initialization.

       'expression'
              Specify  a  bpf-style  capture filter, overriding the default. Here are a few basic
              examples starting with the default filter:

               'tcp port 80 or 8080'
               'tcp dst port 80'
               'tcp dst port 80 and src host 192.168.1.1'

              These filters will capture all web traffic both directions  on  two  common  ports,
              capture  only  requests  made  to  port  80,  and  capture requests to port 80 by a
              particular host, respectively. See 'man tcpdump' for  further  information  on  the
              syntax and available primitives.

AUTHOR

       httpry was written by Jason Bittel <jason.bittel@gmail.com>. See included COPYING file for
       specific licensing information

                                                                                        HTTPRY(1)