Unusually Long Content-Type Length

Description

This search looks for unusually long strings in the Content-Type http header that the client sends the server.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Application Security

Category

Web Attack

Alert Volume

This search looks for unusually long strings in the Content-Type http header that the client sends the server.

SPL Difficulty

None

Journey

Stage 1

Kill Chain Phases

Delivery

   Help

Unusually Long Content-Type Length Help

This particular search leverages data extracted from Stream:HTTP. You must configure the http stream using the Splunk Stream App on your Splunk Stream deployment server to extract the cscontenttype field.

   Search

Open in Search