Logger++ enhances the logging capabilities of Burp Suite by enabling advanced filters that highlight interesting entries or filter logs to those that match specific criteria. In this collection, we've curated a list of Logger++ filters for API requests and responses. Each filter is accompanied by a description of its purpose, making it easier for you to customize your Logger++ configuration for your API security testing and debugging needs.
Here's a comprehensive list of Logger++ filters that you can use to monitor and analyze API interactions. Each filter is assigned a unique number, gives the filter expression to enter in Logger++ (several use a regular expression through `MATCHES`), and comes with a clear description of what it logs.
No. | Filter | Description |
---|---|---|
1 | `Response.Headers CONTAINS "Content-Type: application/json"` | Log responses with "Content-Type: application/json" |
2 | `Response.Headers CONTAINS "Content-Encoding: gzip"` | Log responses with "Content-Encoding: gzip" |
3 | `Request.Headers CONTAINS "X-Requested-With: XMLHttpRequest"` | Log requests made with XMLHttpRequest header |
4 | `Response.Headers CONTAINS "Content-Type: application/xml"` | Log responses with "Content-Type: application/xml" |
5 | `Response.Headers CONTAINS "Authorization: Bearer"` | Log responses with "Authorization: Bearer" |
6 | `Response.Headers CONTAINS "Authorization:"` | Log responses with "Authorization:" |
7 | `Response.Status MATCHES "201"` | Log responses with status code 201 |
8 | `Response.Body CONTAINS "{\"status\": \"success\"}"` | Log responses with `{"status": "success"}` in the body |
9 | `Response.Body CONTAINS "__schema"` | Log responses containing "__schema" in the body |
10 | `(Response.Headers CONTAINS "Content-Type: application/json" AND Response.Headers CONTAINS "Content-Encoding: gzip")` | Log responses with both "Content-Type: application/json" and "Content-Encoding: gzip" headers |
11 | `(Response.Headers CONTAINS "Content-Type: application/json" AND Response.Status MATCHES "201")` | Log responses with "Content-Type: application/json" and status code 201 |
12 | `(Response.Body CONTAINS "{\"status\": \"success\"}" AND Response.Status MATCHES "201")` | Log responses with both `{"status": "success"}` in the body and status code 201 |
13 | `(Request.Path MATCHES "^/product/.*$" OR Request.Path MATCHES "^/user/.*$")` | Log requests with paths starting with "/product/" or "/user/" |
14 | `(Request.Path == "/api/v1" OR Request.Path == "/api/v2") AND Request.Method IN ["POST", "PUT", "DELETE"]` | Log requests with paths "/api/v1" or "/api/v2" and methods POST, PUT, or DELETE |
15 | `(Request.Method IN ["POST", "PUT", "DELETE"] AND Request.Path MATCHES "^/api/.*$")` | Log requests with methods POST, PUT, or DELETE and paths starting with "/api/" |
16 | `(Request.Body CONTAINS "query" OR Request.Body CONTAINS "mutation" OR Request.Body CONTAINS "subscription")` | Log requests with bodies containing "query," "mutation," or "subscription" |
17 | `(Request.Path == "/graphql" OR Request.Path == "/graphiql") AND (Request.Body CONTAINS "query" OR Request.Body CONTAINS "mutation" OR Request.Body CONTAINS "subscription")` | Log requests with paths "/graphql" or "/graphiql" and bodies containing "query," "mutation," or "subscription" |
18 | `Request.Path MATCHES "^/product/.*$"` | Log requests with paths starting with "/product/" |
19 | `Request.Path MATCHES "^/user/.*$"` | Log requests with paths starting with "/user/" |
20 | `Request.Path MATCHES "^/api/.*$"` | Log requests with paths starting with "/api/" |
21 | `Request.Path == "/api/v1"` | Log requests with path "/api/v1" |
22 | `Request.Path == "/api/v2"` | Log requests with path "/api/v2" |
23 | `Request.Path == "/graphql"` | Log requests with path "/graphql" |
24 | `Request.Path == "/graphiql"` | Log requests with path "/graphiql" |
25 | `Request.Method IN ["POST", "PUT", "DELETE"]` | Log requests with methods POST, PUT, or DELETE |
26 | `Request.Body CONTAINS "query"` | Log requests with bodies containing "query" |
27 | `Request.Body CONTAINS "mutation"` | Log requests with bodies containing "mutation" |
28 | `Request.Body CONTAINS "subscription"` | Log requests with bodies containing "subscription" |
29 | `Request.Body CONTAINS "introspection"` | Log requests with bodies containing "introspection" |
30 | `Request.Headers CONTAINS "Authorization: Bearer"` | Log requests with "Authorization: Bearer" in headers |
31 | `Request.Headers CONTAINS "Content-Type: application/json"` | Log requests with "Content-Type: application/json" in headers |