Enforce hex encoding in log output

So I wanted some Bro to capture the contents of HTTP POST’s, and found in the archives that Seth had already written such a thing:

module HTTP;

export {

The number of bytes that will be included in the http

log from the client body.

const post_body_limit = 1024;

redef record Info += {
post_body: string &log &optional;


event http_entity_data(c: connection, is_orig: bool, length: count, data: string)
if ( is_orig )
if ( ! c$http?$post_body )
c$http$post_body = sub_bytes(data, 0, post_body_limit);
else if ( |c$http$post_body| < post_body_limit )
c$http$post_body = string_cat(c$http$post_body, sub_bytes(data, 0, post_body_limit-|c$http$post_body|));

So now my question is: in the output of the data, can we ensure that ALL data is hex encoded, even if it’s part of the ASCII character set? I need to put this data into a feed, and not being able to count on a delimiter is problematic…



Just do this…

                if ( ! c$http?$post_body )
                        c$http$post_body = bytestring_to_hexstr(sub_bytes(data, 0, post_body_limit));
                else if ( |c$http$post_body| < post_body_limit )
                        c$http$post_body = string_cat(c$http$post_body, bytestring_to_hexstr(sub_bytes(data, 0, post_body_limit-|c$http$post_body|)));