network

Monitoring HTTP requests from the command line

Some days ago Javisantana sent me a tweet with a link to a one-liner HTTP requests monitor.

It goes as follows with some ouput added:

$ sudo tcpdump -i en1 -n -s 0 -w - | grep -a -o -E "Host\: .*|GET \/.*"
Password:
tcpdump: listening on en1, link-type EN10MB (Ethernet), capture size 65535 bytes
GET / HTTP/1.1
Host: commandliners.com
GET / HTTP/1.1
Host: google.com
GET / HTTP/1.1
Host: www.google.com
GET / HTTP/1.1
Host: www.google.es
GET /intl/en_com/images/logo_plain.png HTTP/1.1
Host: www.google.es
[...]

Replace en1 with your network interface’s name. Usually enX in BSD-like OSes and ethX in Linux.

You can create an alias named httpdump and add it to ~/.bash_profile:

alias httpdump='sudo tcpdump -i en1 -n -s 0 -w - | grep -a -o -E "Host\: .*|GET \/.*"'

Tested on OS X and Linux.

speak up

Add your comment below, or trackback from your own site.

Subscribe to these comments.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

*Required Fields