One of the biggest advantages of Logger++ is the ability to quickly search the logs using advanced queries.
Suppose you’ve found a request that’s using a suspicious parameter, and want to figure out where it has come from. A simple query such as the one below will show only the results which match the rule, helping to find its origin.
response.body CONTAINS "suspiciousValue"
Or maybe you’ve found a POST endpoint on an app which doesn’t require a CSRF token and want to find other endpoints that also don’t require one:
request.method == "POST" AND !(request.body CONTAINS "csrf")
Filters can be combined using the logical operators AND, OR and XOR, and can be negated using the NOT keyword to create complex queries. However, to prevent ambiguity, AND, OR and XOR cannot be mixed in the same expression without parentheses that make the intended grouping explicit.
Ambiguous, mixes OR and AND without parentheses:
request.body CONTAINS "a" OR request.method == "POST" AND request.body CONTAINS "b"
Unambiguous, grouping made explicit:
request.body CONTAINS "a" OR (request.method == "POST" AND request.body CONTAINS "b")
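The parenthesis rule above can be checked before a saved filter is pasted into Logger++. The following is an added example, not Logger++'s own parser: the function name `mixed_operator_groups` is hypothetical, and it assumes only the uppercase keyword operators shown on this page (AND, OR, XOR) and double-quoted string literals.

```python
import re

# Tokens we care about: double-quoted literals (matched first so operator
# words inside a string are ignored), parentheses, and the binary operators.
_TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|\(|\)|\b(?:AND|OR|XOR)\b')
_OPERATORS = ("AND", "OR", "XOR")


def mixed_operator_groups(query):
    """Return one sorted operator list per nesting level that mixes
    AND/OR/XOR without parentheses. An empty list means the query
    satisfies the rule. Raises ValueError on unbalanced parentheses."""
    stack = [set()]          # one operator set per open parenthesis level
    problems = []
    for tok in _TOKEN.findall(query):
        if tok == "(":
            stack.append(set())
        elif tok == ")":
            if len(stack) == 1:
                raise ValueError("unbalanced ')'")
            ops = stack.pop()
            if len(ops) > 1:
                problems.append(sorted(ops))
        elif tok in _OPERATORS:
            stack[-1].add(tok)
        # quoted literals are skipped on purpose
    if len(stack) != 1:
        raise ValueError("unbalanced '('")
    if len(stack[0]) > 1:
        problems.append(sorted(stack[0]))
    return problems


if __name__ == "__main__":
    # The two filters from the text above, plus the CSRF filter.
    samples = [
        'request.body CONTAINS "a" OR request.method == "POST" AND request.body CONTAINS "b"',
        'request.body CONTAINS "a" OR (request.method == "POST" AND request.body CONTAINS "b")',
        'request.method == "POST" AND !(request.body CONTAINS "csrf")',
    ]
    for q in samples:
        found = mixed_operator_groups(q)
        print("OK       " if not found else "AMBIGUOUS", found, q)
```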