Display Filter Reference: Hypertext Transfer Protocol
Protocol field name: http
Versions: 1.0.0 to 3.4.5
Back to Display Filter Reference
| Field name | Description | Type | Versions |
|---|---|---|---|
| http.accept | Accept | Character string | 1.0.0 to 3.4.5 |
| http.accept_encoding | Accept Encoding | Character string | 1.0.0 to 3.4.5 |
| http.accept_language | Accept-Language | Character string | 1.0.0 to 3.4.5 |
| http.authbasic | Credentials | Character string | 1.0.0 to 3.4.5 |
| http.authcitrix | Citrix AG Auth | Boolean | 2.0.0 to 3.4.5 |
| http.authcitrix.domain | Citrix AG Domain | Character string | 2.0.0 to 3.4.5 |
| http.authcitrix.password | Citrix AG Password | Character string | 2.0.0 to 3.4.5 |
| http.authcitrix.session | Citrix AG Session ID | Character string | 2.0.0 to 3.4.5 |
| http.authcitrix.user | Citrix AG Username | Character string | 2.0.0 to 3.4.5 |
| http.authorization | Authorization | Character string | 1.0.0 to 3.4.5 |
| http.bad_header_name | Illegal characters found in header name | Label | 3.0.0 to 3.4.5 |
| http.cache_control | Cache-Control | Character string | 1.0.0 to 3.4.5 |
| http.chat | Formatted text | Label | 1.12.0 to 3.4.5 |
| http.chunk_boundary | Chunk boundary | Sequence of bytes | 2.0.0 to 3.4.5 |
| http.chunk_size | Chunk size | Unsigned integer, 4 bytes | 2.0.0 to 3.4.5 |
| http.chunkd_and_length | Expert Info | Label | 1.12.0 to 2.0.16 |
| http.chunked_trailer_part | trailer-part | Character string | 1.12.4 to 3.4.5 |
| http.connection | Connection | Character string | 1.0.0 to 3.4.5 |
| http.content_encoding | Content-Encoding | Character string | 1.0.0 to 3.4.5 |
| http.content_length | Content length | Unsigned integer, 8 bytes | 1.0.0 to 3.4.5 |
| http.content_length_header | Content-Length | Character string | 1.0.5 to 3.4.5 |
| http.content_type | Content-Type | Character string | 1.0.0 to 3.4.5 |
| http.cookie | Cookie | Character string | 1.0.0 to 3.4.5 |
| http.cookie_pair | Cookie pair | Character string | 1.12.0 to 3.4.5 |
| http.date | Date | Character string | 1.0.0 to 3.4.5 |
| http.file_data | File Data | Character string | 2.2.0 to 3.4.5 |
| http.host | Host | Character string | 1.0.0 to 3.4.5 |
| http.last_modified | Last-Modified | Character string | 1.0.0 to 3.4.5 |
| http.leading_crlf | Leading CRLF previous message in the stream may have extra CRLF | Label | 2.0.0 to 3.4.5 |
| http.location | Location | Character string | 1.0.0 to 3.4.5 |
| http.next_request_in | Next request in frame | Frame number | 1.10.0 to 3.4.5 |
| http.next_response_in | Next response in frame | Frame number | 1.10.0 to 3.4.5 |
| http.notification | Notification | Boolean | 1.0.0 to 3.4.5 |
| http.prev_request_in | Prev request in frame | Frame number | 1.10.0 to 3.4.5 |
| http.prev_response_in | Prev response in frame | Frame number | 1.10.0 to 3.4.5 |
| http.proxy_authenticate | Proxy-Authenticate | Character string | 1.0.0 to 3.4.5 |
| http.proxy_authorization | Proxy-Authorization | Character string | 1.0.0 to 3.4.5 |
| http.proxy_connect_host | Proxy-Connect-Hostname | Character string | 1.0.0 to 3.4.5 |
| http.proxy_connect_port | Proxy-Connect-Port | Unsigned integer, 2 bytes | 1.0.0 to 3.4.5 |
| http.referer | Referer | Character string | 1.0.0 to 3.4.5 |
| http.request | Request | Boolean | 1.0.0 to 3.4.5 |
| http.request.full_uri | Full request URI | Character string | 1.6.0 to 3.4.5 |
| http.request.line | Request line | Character string | 1.12.0 to 3.4.5 |
| http.request.method | Request Method | Character string | 1.0.0 to 3.4.5 |
| http.request.uri | Request URI | Character string | 1.0.0 to 3.4.5 |
| http.request.uri.path | Request URI Path | Character string | 2.2.0 to 3.4.5 |
| http.request.uri.query | Request URI Query | Character string | 2.2.0 to 3.4.5 |
| http.request.uri.query.parameter | Request URI Query Parameter | Character string | 2.2.0 to 3.4.5 |
| http.request.version | Request Version | Character string | 1.0.0 to 3.4.5 |
| http.request_in | Request in frame | Frame number | 1.10.0 to 3.4.5 |
| http.request_number | Request number | Unsigned integer, 4 bytes | 2.0.0 to 3.4.5 |
| http.response | Response | Boolean | 1.0.0 to 3.4.5 |
| http.response.code | Status Code | Unsigned integer, 2 bytes | 1.0.0 to 3.4.5 |
| http.response.code.desc | Status Code Description | Character string | 2.4.0 to 3.4.5 |
| http.response.line | Response line | Character string | 1.12.0 to 3.4.5 |
| http.response.phrase | Response Phrase | Character string | 1.6.0 to 3.4.5 |
| http.response.version | Response Version | Character string | 2.6.0 to 3.4.5 |
| http.response_for.uri | Request URI | Character string | 2.6.7 to 3.4.5 |
| http.response_in | Response in frame | Frame number | 1.10.0 to 3.4.5 |
| http.response_number | Response number | Unsigned integer, 4 bytes | 2.0.0 to 3.4.5 |
| http.sec_websocket_accept | Sec-WebSocket-Accept | Character string | 1.8.0 to 3.4.5 |
| http.sec_websocket_extensions | Sec-WebSocket-Extensions | Character string | 1.8.0 to 3.4.5 |
| http.sec_websocket_key | Sec-WebSocket-Key | Character string | 1.8.0 to 3.4.5 |
| http.sec_websocket_protocol | Sec-WebSocket-Protocol | Character string | 1.8.0 to 3.4.5 |
| http.sec_websocket_version | Sec-WebSocket-Version | Character string | 1.8.0 to 3.4.5 |
| http.server | Server | Character string | 1.0.0 to 3.4.5 |
| http.set_cookie | Set-Cookie | Character string | 1.0.0 to 3.4.5 |
| http.ssl_port | Unencrypted HTTP protocol detected over encrypted port, could indicate a dangerous misconfiguration. | Label | 2.0.0 to 2.6.20 |
| http.subdissector_failed | HTTP body subdissector failed, trying heuristic subdissector | Label | 1.12.0 to 3.4.5 |
| http.te_and_length | The Content-Length and Transfer-Encoding header must not be set together | Label | 2.2.0 to 3.4.5 |
| http.te_unknown | Unknown transfer coding name in Transfer-Encoding header | Label | 2.2.0 to 3.4.5 |
| http.time | Time since request | Time offset | 1.10.0 to 3.4.5 |
| http.tls_port | Unencrypted HTTP protocol detected over encrypted port, could indicate a dangerous misconfiguration. | Label | 3.0.0 to 3.4.5 |
| http.transfer_encoding | Transfer-Encoding | Character string | 1.0.0 to 3.4.5 |
| http.unknown_header | Unknown header | Character string | 2.0.0 to 3.4.5 |
| http.upgrade | Upgrade | Character string | 1.8.0 to 3.4.5 |
| http.user_agent | User-Agent | Character string | 1.0.0 to 3.4.5 |
| http.www_authenticate | WWW-Authenticate | Character string | 1.0.0 to 3.4.5 |
| http.x_forwarded_for | X-Forwarded-For | Character string | 1.0.0 to 3.4.5 |
Go Beyond with Riverbed Technology
I have a lot of traffic...
ANSWER: SteelCentral™ AppResponse 11
- • Full stack analysis – from packets to pages
- • Rich performance metrics & pre-defined insights for fast problem identification/resolution
- • Modular, flexible solution for deeply-analyzing network & application performance