collect.go
package collect
import (
	"encoding/json"
	"fmt"
	"strings"

	"github.com/curious-universe/network-traffic-ant/elasticsearch"
	"github.com/google/gopacket"
)
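// SavePacketInfo inspects the application-layer payload of packet and, when it
// finds an HTTP Host header, stores a document in the
// "application-into-packet" Elasticsearch index.
//
// The payload is captured network traffic and therefore untrusted. Two things
// follow from that:
//   - the Host value is located by parsing "name: value" header lines, so a
//     short or malformed line cannot cause an out-of-range slice panic;
//   - the document is built with encoding/json rather than string formatting,
//     so quotes or control bytes in the Host value cannot break out of the
//     JSON string and add or override fields in the indexed document.
//
// Packets without an application layer, or without a Host header, are ignored.
func SavePacketInfo(packet gopacket.Packet) {
	applicationLayer := packet.ApplicationLayer()
	if applicationLayer == nil {
		return
	}

	fmt.Println("Application layer/Payload found.")
	payload := string(applicationLayer.Payload())

	// %q escapes control bytes, so captured traffic cannot inject terminal
	// escape sequences or fake log lines into the debug output.
	fmt.Printf("%q\n", payload)

	lines := strings.Split(payload, "\r\n")
	fmt.Printf("%q\n", lines)

	host := hostHeader(lines)
	if host == "" {
		return
	}
	fmt.Printf("Host: %q\n", host)

	// NOTE(review): the "payload" field stores the literal string "payload"
	// and the request method is fixed to "Get", exactly as before; neither is
	// derived from the packet. Confirm whether that is intended.
	doc, err := json.Marshal(struct {
		Payload       string `json:"payload"`
		Host          string `json:"host"`
		RequestMethod string `json:"request_method"`
	}{
		Payload:       "payload",
		Host:          host,
		RequestMethod: "Get",
	})
	if err != nil {
		fmt.Printf("encoding packet document: %v\n", err)
		return
	}

	elasticsearch.Create("application-into-packet", string(doc))
}

// hostHeader returns the trimmed value of the first Host header in lines, or
// "" when there is none. Header names are compared case-insensitively, and the
// scan stops at the first empty line so that body content resembling a header
// is not picked up.
func hostHeader(lines []string) string {
	for _, line := range lines {
		if line == "" {
			// A blank line ends the header section.
			return ""
		}
		// SplitN with a limit of 2 keeps any ":port" suffix in the value.
		parts := strings.SplitN(line, ":", 2)
		if len(parts) != 2 {
			continue
		}
		if strings.EqualFold(strings.TrimSpace(parts[0]), "Host") {
			return strings.TrimSpace(parts[1])
		}
	}
	return ""
}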