0

I'm trying to capture a HTTP request to debug my application. I'm not sure what tool can achieve that so I'm not sure where to start. I have used Wireshark, tcpdump in the past but to my knowledge wireshark or tcpdump can only capture based on requests and not response. I could be wrong here. What I would like to do is to capture any request that responded with a particular response with a matching string.

For example.

If I have 5 requests

curl -d '<request_body>' http://localhost:8080 -> response {"id": "1"}
curl -d '<request_body>' http://localhost:8080 -> response {"id": "1"}
curl -d '<request_body>' http://localhost:8080 -> response {"id": "2"}
curl -d '<request_body>' http://localhost:8080 -> response {"id": "2"}
curl -d '<request_body>' http://localhost:8080 -> response {"id": "3"}

I would like to capture only request that responded with "id": "1". So, in this case I would only capture 2 requests. The reason is I would like to see what's being sent in the request_body

What tool I can use to achieve this?

Update: It looks like tcpdump can do something like this

sudo tcpdump -i any -s 0 -A 'tcp port 8430 and tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504F5354'

But from that command it doesn't capture request/response

toy
  • 11,711
  • 24
  • 93
  • 176
  • what is your http server ? also, can´t you simply add a log file in your application? – RudyMartin May 31 '23 at 17:11
  • The server is Netty. The application is high-throughput and low-latency and adding a log to parse a response will significantly slow down the server. So, we're just exploring another option. – toy May 31 '23 at 17:14

0 Answers0