mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
32 lines
819 B
Text
32 lines
819 B
Text
# @TEST-EXEC: zeek -b -r $TRACES/http/pipelined-requests.trace %INPUT >out
|
|
# @TEST-EXEC: btest-diff out
|
|
|
|
@load base/protocols/http
|
|
|
|
global msg_count: table[conn_id] of count &default=0;
|
|
|
|
event analyzer_confirmation_info(atype: AllAnalyzers::Tag, info: AnalyzerConfirmationInfo) &priority=10
|
|
{
|
|
if ( atype != Analyzer::ANALYZER_HTTP )
|
|
return;
|
|
|
|
print "proto confirm", atype;
|
|
}
|
|
|
|
event http_request(c: connection, method: string, original_URI: string, unescaped_URI: string, version: string)
|
|
{
|
|
++msg_count[c$id];
|
|
print "http_request", method, original_URI;
|
|
print disable_analyzer(c$id, current_analyzer(), T, T);
|
|
}
|
|
|
|
event http_reply(c: connection, version: string, code: count, reason: string)
|
|
{
|
|
++msg_count[c$id];
|
|
print "http_reply", code;
|
|
}
|
|
|
|
event zeek_done()
|
|
{
|
|
print "total http messages", msg_count;
|
|
}
|