kw kwujec
kwujec
/ tcpdump-es-capture
Created
March 27, 2019 11:07
— forked from z0mbix/tcpdump-es-capture
Capture Elasticsearch Queries
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # tcpdump -A -nn -s 0 'tcp dst port 9200 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' -i lo | |
| tcpdump: verbose output suppressed, use -v or -vv for full protocol decode | |
| listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytes | |
| 14:32:33.525122 IP 127.0.0.1.49777 > 127.0.0.1.9200: Flags [P.], seq 313752908:313753888, ack 2465010394, win 257, options [nop,nop,TS val 2684167067 ecr 2684167066], length 980 | |
| E...^.@.@............q#...}L............... | |
| ..#...#.GET /index/_search HTTP/1.1 | |
| Host: 127.0.0.1:9200 | |
| Accept: */* | |
| Content-Length: 845 | |
| Content-Type: application/x-www-form-urlencoded |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| " ============= " VIMRC file for David Winterbottom (@codeinthehole) " =========== | |
| " Inspiration {{{ | |
| " ----------- | |
| " Videos: | |
| " - http://www.youtube.com/watch?v=aHm36-na4-4 | |
| " | |
| " Articles: | |
| " - http://alexpounds.com/blog/2014/06/06/the-vimrc-antiques-roadshow | |
| " - http://stevelosh.com/blog/2010/09/coming-home-to-vim/ |