diff --git a/testing/btest/Baseline/signatures.http-body-match/out b/testing/btest/Baseline/signatures.http-body-match/out
new file mode 100644
index 0000000000..6a8982e7ce
--- /dev/null
+++ b/testing/btest/Baseline/signatures.http-body-match/out
@@ -0,0 +1,27 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+HTTP body match for 192.0.2.42:13578 -> 192.88.99.42:80 with signature 'http_response_body_CD_prefix', data: 'D'
+HTTP body match for 192.0.2.42:13579 -> 192.88.99.42:80 with signature 'http_response_body_CD_only', data: ''
+HTTP body match for 192.0.2.42:13579 -> 192.88.99.42:80 with signature 'http_response_body_CD_prefix', data: 'D'
+HTTP body match for 192.0.2.42:24680 -> 192.88.99.42:80 with signature 'http_request_body_AB_only', data: ''
+HTTP body match for 192.0.2.42:24680 -> 192.88.99.42:80 with signature 'http_request_body_AB_prefix', data: 'B'
+HTTP body match for 192.0.2.42:24680 -> 192.88.99.42:80 with signature 'http_response_body_CD_only', data: ''
+HTTP body match for 192.0.2.42:24680 -> 192.88.99.42:80 with signature 'http_response_body_CD_prefix', data: 'D'
+HTTP body match for 192.0.2.42:24681 -> 192.88.99.42:80 with signature 'http_request_body_AB_prefix', data: 'B'
+HTTP body match for 192.0.2.42:24681 -> 192.88.99.42:80 with signature 'http_response_body_CD_prefix', data: 'D'
+HTTP body match for 192.0.2.42:24682 -> 192.88.99.42:80 with signature 'http_request_body_AB_only', data: ''
+HTTP body match for 192.0.2.42:24682 -> 192.88.99.42:80 with signature 'http_request_body_AB_prefix', data: 'AB'
+HTTP body match for 192.0.2.42:24682 -> 192.88.99.42:80 with signature 'http_request_body_AB_then_CD', data: 'CD'
+HTTP body match for 192.0.2.42:24682 -> 192.88.99.42:80 with signature 'http_response_body_CD_only', data: ''
+HTTP body match for 192.0.2.42:24682 -> 192.88.99.42:80 with signature 'http_response_body_CD_prefix', data: 'CD'
+HTTP body match for 192.0.2.42:33210 -> 192.88.99.42:80 with signature 'http_request_body_AB_prefix', data: 'AB'
+HTTP body match for 192.0.2.42:33210 -> 192.88.99.42:80 with signature 'http_request_body_AB_then_CD', data: 'CD'
+HTTP body match for 192.0.2.42:33210 -> 192.88.99.42:80 with signature 'http_response_body_CD_only', data: ''
+HTTP body match for 192.0.2.42:33210 -> 192.88.99.42:80 with signature 'http_response_body_CD_prefix', data: 'D'
+HTTP body match for 192.0.2.42:33211 -> 192.88.99.42:80 with signature 'http_request_body_AB_prefix', data: 'ABCD'
+HTTP body match for 192.0.2.42:33211 -> 192.88.99.42:80 with signature 'http_response_body_CD_prefix', data: 'D'
+HTTP body match for 192.0.2.42:34527 -> 192.88.99.42:80 with signature 'http_request_body_AB_only', data: ''
+HTTP body match for 192.0.2.42:34527 -> 192.88.99.42:80 with signature 'http_request_body_AB_prefix', data: 'AB'
+HTTP body match for 192.0.2.42:34527 -> 192.88.99.42:80 with signature 'http_response_body_CD_only', data: ''
+HTTP body match for 192.0.2.42:34527 -> 192.88.99.42:80 with signature 'http_response_body_CD_prefix', data: 'CD'
+HTTP body match for 192.0.2.42:34528 -> 192.88.99.42:80 with signature 'http_request_body_AB_prefix', data: 'ABCD'
+HTTP body match for 192.0.2.42:34528 -> 192.88.99.42:80 with signature 'http_response_body_CD_prefix', data: 'CDEF'
diff --git a/testing/btest/Traces/http/http-body-match.pcap b/testing/btest/Traces/http/http-body-match.pcap
new file mode 100644
index 0000000000..bc90359f1f
Binary files /dev/null and b/testing/btest/Traces/http/http-body-match.pcap differ
diff --git a/testing/btest/signatures/http-body-match.zeek b/testing/btest/signatures/http-body-match.zeek
new file mode 100644
index 0000000000..e7b944e65f
--- /dev/null
+++ b/testing/btest/signatures/http-body-match.zeek
@@ -0,0 +1,43 @@
+# @TEST-EXEC: zeek -b -r $TRACES/http/http-body-match.pcap %INPUT | sort >out
+# @TEST-EXEC: btest-diff out
+
+@load-sigs test.sig
+@load base/protocols/http
+
+@TEST-START-FILE test.sig
+signature http_request_body_AB_prefix {
+ http-request-body /^AB/
+ event "HTTP request body starting with AB"
+}
+
+signature http_request_body_AB_only {
+ http-request-body /^AB$/
+ event "HTTP request body containing AB only"
+}
+
+signature http_request_body_AB_then_CD {
+ http-request-body /AB/
+ http-request-body /CD/
+ event "HTTP request body containing AB and CD, but maybe not be on same request (documented behaviour)"
+}
+
+signature http_response_body_CD_prefix {
+ http-reply-body /^CD/
+ event "HTTP response body starting with CD"
+}
+
+signature http_response_body_CD_only {
+ http-reply-body /^CD$/
+ event "HTTP response body containing CD only"
+}
+@TEST-END-FILE
+
+event signature_match(state: signature_state, msg: string, data: string)
+{
+ print(fmt("HTTP body match for %s:%d -> %s:%d with signature '%s', data: '%s'",
+ state$conn$id$orig_h, state$conn$id$orig_p,
+ state$conn$id$resp_h, state$conn$id$resp_p,
+ state$sig_id,
+ data
+ ));
+}
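Review bot: The test never documents why the two `$`-anchored signatures are expected to report an empty match, even though the baseline shows `http_request_body_AB_only` and `http_response_body_CD_only` firing with `data: ''` on every connection while the `_prefix` variants carry the chunk that completed the match; a comment above `signature http_request_body_AB_only {` such as `# End-anchored body patterns report empty match data in the baseline (match presumably completes on end-of-body rather than on a data chunk - confirm before relying on data here)` would keep a future baseline update from being mistaken for a regression. The event text for `http_request_body_AB_then_CD` is also ungrammatical; `event "HTTP request body containing AB and CD, which may not be in the same request (documented behaviour)"` says the same thing and matches the other event strings. Since the baseline only lists the matches that did fire, the test does not pin the negative case (a body that contains neither pattern producing no `signature_match`), so a one-line comment on the `@TEST-EXEC` line stating that absence of a match is covered only implicitly by `btest-diff` would make that assumption explicit.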