mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
a7427e95bf
We used to attempt to remove any port specification before recording HTTP host headers in logs. Doing so would (1) remove potentially useful information, (2) not match what the documentation seemed to suggest, and (3) fail for IP6 addresses containing colons. We now record the original HOST header as is. Addresses #1844.
11 lines
1.1 KiB
Text
11 lines
1.1 KiB
Text
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
|
|
#separator \x09
|
|
#set_separator ,
|
|
#empty_field (empty)
|
|
#unset_field -
|
|
#path http
|
|
#open XXXX-XX-XX-XX-XX-XX
|
|
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p trans_depth method host uri referrer version user_agent origin request_body_len response_body_len status_code status_msg info_code info_msg tags username password proxied orig_fuids orig_filenames orig_mime_types resp_fuids resp_filenames resp_mime_types
|
|
#types time string addr port addr port count string string string string string string string count count count string count string set[enum] string string set[string] vector[string] vector[string] vector[string] vector[string] vector[string] vector[string]
|
|
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 ::1 52522 ::1 80 1 CONNECT secure.newegg.com:443 secure.newegg.com:443 - 1.0 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:41.0) Gecko/20100101 Firefox/41.0 - 0 0 200 Connection Established - - (empty) - - PROXY-CONNECTION -> keep-alive - - - - - -
|
|
#close XXXX-XX-XX-XX-XX-XX
|