Vendor: ISC (1)

Type: http (4)

Definition: http://rsfcode.isc.org/git/nmsg/tree/nmsg/isc/http.proto

Description: A type primarily intended for representing hits to HTTP sinkholes

  • "type" (enum)

      One of "unknown", or "sinkhole".
    
  • "srcip" (ip)

  • "srchost" (string)

  • "srcport" (uint16)

  • "dstip" (ip)

  • "dstport" (uint16)

  • "request" (mlstring)

       The HTTP request, including request headers.  In presentation format, the field ends with a "." character on a line by itself.