You can use the capture filter settings to control which types of items are captured in Burp Logger.
You can configure the Logger capture filter in two different ways:
Settings mode enables you to configure a capture filter using checkboxes and drop-downs.
Bambda mode enables you to write a powerful custom capture filter using Burp's Java-based Bambdas.
Items that are not captured will be discarded from Logger. Burp can't retrieve these items even if the capture filter is removed.
To filter the items that Logger captures, click on the Capture filter bar in the Logger tab. This opens the Logger capture filter window.
On the Settings mode tab, you can apply a capture filter using the following options:
You can specify a limit to the memory used by Logger. Once the limit is reached, Logger discards the oldest entries as new entries are created. The default limit is 50MB (or 100MB, if you give Burp Suite access to at least 1GB of memory).
To change the capture limit, select a preset option from the drop-down, or type a specific value.
Allocating a large amount of memory to Logger can cause performance issues.
We recommend that you only increase the amount of memory when you have a specific issue that requires a large number of entries.
Choose which request types Logger captures. You can select from:
Choose which MIME type Logger captures, such as HTML or XML.
Choose which status codes Logger captures.
Choose which other Burp tools Logger captures items from. This enables you to discard traffic from a noisy tool, or direct Logger to capture traffic from one tool only. By default, all tools are selected.
Choose to capture only records that contain a specific search term:
Choose whether or not to discard session handling requests.
Limit the size of requests or responses that Logger captures. The default maximum size for items is 1MB. To change the maximum size of items Logger captures, select a preset option from the drop-down.
On the Bambda mode tab, you can write Java-based Bambdas to apply custom capture filters to Logger.
Two objects of the Montoya API are available to help you write your Bambdas:
LoggerCaptureHttpRequestResponse
Utilities
To filter which types of items Logger captures:
In Logger, click the Capture filter bar to open the Logger capture filter window.
In the Logger capture filter window, click the Bambda mode tab.
Write your Bambda using Java.
Click Apply. This runs the Bambda and outputs any console output or compilation errors into the console. You must resolve any compilation errors before Burp can apply your Bambda.
Click Apply & close.
Burp compiles your Bambda and applies it to any future traffic generated in this project.
Capture filter Bambdas may slow down Burp's performance as they run against all outgoing HTTP messages. Using slow running or resource-intensive Bambdas can slow down Burp even further. Write your Bambda carefully to minimize performance implications.
In the example below, we'll create a Bambda that filters Logger to capture only items that meet the following criteria:
The item must not have a MIME type of WOFF or WOFF2.
In this example, our Bambda is:
var mimeType = requestResponse.mimeType();
return mimeType != MimeType.FONT_WOFF && mimeType != MimeType.FONT_WOFF2;
If you have already used Settings mode to configure a Logger capture filter, you can convert this to a Bambda.
Converting your filter settings overwrites any existing Bambda applied to your Logger capture.
To convert your capture filter settings to a Bambda:
In the Logger tab, click the Capture filter bar to open the Logger capture filter window.
Make changes to the filter settings (if necessary).
At the bottom of the Logger capture filter window, click Convert to Bambda.
Your filter is now converted into a Bambda, enabling you to customize it further using Java.
For more information on how to load Bambdas, save your Bambda, or troubleshoot errors with your Bambda, see our Bambdas documentation.