Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility
Support Center BApp Store Report To Elastic Search

BApp details: Report To Elastic Search

This extension passes along issues discovered by Burp to either stdout or an ElasticSearch database.

When running Burp via the UI, the extension configuration is always sourced from the Java Preferences store. Conversely, when running headless the configuration is always sourced from environment variables.

The environment variables are as follows:

"Type"BURP_EVENTSTREAM_TYPE
"Elasticsearch Host"BURP_EVENTSTREAM_ELASTICSEARCH_HOST
"Elasticsearch Port"BURP_EVENTSTREAM_ELASTICSEARCH_PORT
"Elasticsearch Prefix"BURP_EVENTSTREAM_ELASTICSEARCH_PREFIX

Scan IDs are generated in the extension, and the end of a scan is detected via a cooldown period calculated from current user settings. Concurrent scan IDs are therefore not supported and the extension will consider concurrent scans to be part of a single, overall scan. In the future, if Burp attaches its own IDs to scans and announces the start/end of scans, this could be more accurate (and timely!).

Currently, authenticated access to ElasticSearch is not supported.

It's possible to switch output type while a scan is in progress. No special handling occurs; events after this point will be streamed to the latter output, i.e. it will be missing the start of the current scan.

Author: Adam Piper, PortSwigger Web Security
Version: 0.0.2
Rating:

You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.

Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.

Go back to BappStore