Burp Suite Enterprise Edition is now available in our secure Cloud  –  Learn more

ProfessionalCommunity Edition

Burp Logger capture filter

  • Last updated: June 18, 2024

  • Read time: 3 Minutes

You can use the capture filter settings to control which types of items are captured in Burp Logger.

You can configure the Logger capture filter in two different ways:

  • Settings mode enables you to configure a capture filter using checkboxes and drop-downs.

  • Bambda mode enables you to write a powerful custom capture filter using Burp's Java-based Bambdas.

Note

Items that are not captured will be discarded from Logger. Burp can't retrieve these items even if the capture filter is removed.

To filter the items that Logger captures, click on the Capture filter bar in the Logger tab. This opens the Logger capture filter window.

The capture filter bar in Logger

Settings mode

On the Settings mode tab, you can apply a capture filter using the following options:

Capture limit

You can specify a limit to the memory used by Logger. Once the limit is reached, Logger discards the oldest entries as new entries are created. The default limit is 50MB (or 100MB, if you give Burp Suite access to at least 1GB of memory).

To change the capture limit, select a preset option from the drop-down, or type a specific value.

Note

Allocating a large amount of memory to Logger can cause performance issues.

We recommend that you only increase the amount of memory when you have a specific issue that requires a large number of entries.

Capture by request type

Choose which request types Logger captures. You can select from:

  • Capture only in-scope items. For more information on how to set your scope, see Target scope.
  • Discard items without responses.
  • Capture only parameterized requests.

Capture by MIME type

Choose which MIME type Logger captures, such as HTML or XML.

Capture by status code

Choose which status codes Logger captures.

Capture by tool

Choose which other Burp tools Logger captures items from. This enables you to discard traffic from a noisy tool, or direct Logger to capture traffic from one tool only. By default, all tools are selected.

Capture by search term

Choose to capture only records that contain a specific search term:

  • Regex. Specify whether the search term is a literal string or a regular expression.
  • Case sensitive. Specify whether the search term is case-sensitive.
  • Negative search. Capture only items that do not match the search term.

Session handling

Choose whether or not to discard session handling requests.

Limit request/response size

Limit the size of requests or responses that Logger captures. The default maximum size for items is 1MB. To change the maximum size of items Logger captures, select a preset option from the drop-down.

Bambda mode

On the Bambda mode tab, you can write Java-based Bambdas to apply custom capture filters to Logger.

Two objects of the Montoya API are available to help you write your Bambdas:

  • LoggerCaptureHttpRequestResponse

  • Utilities

To filter which types of items Logger captures:

  1. In Logger, click the Capture filter bar to open the Logger capture filter window.

  2. In the Logger capture filter window, click the Bambda mode tab.

  3. Write your Bambda using Java.

  4. Click Apply.

Burp compiles your Bambda and applies it to any future traffic generated in this project.

Warning

Capture filter Bambdas may slow down Burp's performance as they run against all outgoing HTTP messages. Using slow running or resource-intensive Bambdas can slow down Burp even further. Write your Bambda carefully to minimize performance implications.

Example Bambda

In the example below, we'll create a Bambda that filters Logger to capture only items that meet the following criteria:

  • The item must not have a MIME type of WOFF or WOFF2.

In this example, our Bambda is:

var mimeType = requestResponse.mimeType(); return mimeType != MimeType.FONT_WOFF && mimeType != MimeType.FONT_WOFF2;

Converting filter settings to Bambdas

If you have already used Settings mode to configure a Logger capture filter, you can convert this to a Bambda.

Note

Converting your filter settings overwrites any existing Bambda applied to your Logger capture.

To convert your capture filter settings to a Bambda:

  1. In the Logger tab, click the Capture filter bar to open the Logger capture filter window.

  2. Make changes to the filter settings (if necessary).

  3. At the bottom of the Logger capture filter window, click Convert to Bambda.

Your filter is now converted into a Bambda, enabling you to customize it further using Java.

Related pages

For more information on how to load Bambdas, save your Bambda, or troubleshoot errors with your Bambda, see our Bambdas documentation.

Was this article helpful?