Urlsnarf is part of dsniff. A nice little tool that is basically an HTTP sniffer able to output in Common Log Format!
You can directly use it's output as input for a web log analyzer.
From the man page of urlsnarf:
NAME
urlsnarf - sniff HTTP requests in Common Log Format
SYNOPSIS
urlsnarf [-n] [-i interface] [[-v] pattern [expression]]
DESCRIPTION
urlsnarf outputs all requested URLs sniffed from HTTP traffic in CLF
(Common Log Format, used by almost all web servers), suitable for
offline post-processing with your favorite web log analysis tool (ana-
log, wwwstat, etc.).
OPTIONS
-n Do not resolve IP addresses to hostnames.
-i interface
-v "Versus" mode. Invert the sense of matching, to select non-
matching URLs. Specify the interface to listen on.
pattern
Specify regular expression for URL matching.
expression
Specify a tcpdump(8) filter expression to select traffic to
sniff.
SEE ALSO
dsniff(8)
AUTHOR
Dug Song <dugsong@monkey.org>
|