How to use tcpdump to capture an HTTP POST request filtered by a string match in the response?

I'm trying to capture an HTTP request to debug my application. I'm not sure what tool can achieve that, so I'm not sure where to start. I have used Wireshark and tcpdump in the past, but to my knowledge Wireshark and tcpdump can only capture based on requests and not responses. I could be wrong here. What I would like to do is capture any request that responded with a particular response containing a matching string.

For example.

If I have 5 requests

curl -d '<request_body>' http://localhost:8080 -> response {"id": "1"}
curl -d '<request_body>' http://localhost:8080 -> response {"id": "1"}
curl -d '<request_body>' http://localhost:8080 -> response {"id": "2"}
curl -d '<request_body>' http://localhost:8080 -> response {"id": "2"}
curl -d '<request_body>' http://localhost:8080 -> response {"id": "3"}

I would like to capture only the requests that responded with "id": "1". So, in this case I would only capture 2 requests. The reason is that I would like to see what's being sent in the request_body.

What tool can I use to achieve this?

Update: It looks like tcpdump can do something like this

sudo tcpdump -i any -s 0 -A 'tcp port 8430 and tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504F5354'

But with that command it doesn't capture the request/response.
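An added example, not part of the original post: the filter above compares the first four TCP payload bytes to `0x504F5354` ("POST"), so it only ever matches request segments, and selecting by response means seeing both directions and pairing them per connection. The Python below applies the same header-length arithmetic to a constructed capture and keeps the POST requests whose response contains a given string. It assumes plaintext HTTP with each request and response in a single segment; the function names, ports 50000+ and the sample bodies are made up for illustration.

```python
import struct
from collections import defaultdict, deque

def tcp_segment(sport, dport, payload, options=b""):
    """Constructed test data: minimal TCP header (no checksum) plus payload."""
    doff = (20 + len(options)) // 4                 # header length in 32-bit words
    hdr = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, doff << 4, 0x18, 65535, 0, 0)
    return hdr + options + payload

def payload_of(seg):
    """Same arithmetic as the filter: (tcp[12:1] & 0xf0) >> 2 is the header length."""
    return seg[(seg[12] & 0xF0) >> 2:]

def requests_for_response(segments, server_port, needle):
    """Return POST payloads whose response on the same connection contains needle."""
    # Keyed by client port as a stand-in for the full 4-tuple (assumption: one client IP).
    pending = defaultdict(deque)                    # client port -> unanswered POSTs
    hits = []
    for seg in segments:
        sport, dport = struct.unpack("!HH", seg[:4])
        data = payload_of(seg)
        if dport == server_port and data[:4] == b"POST":      # 0x504F5354
            pending[sport].append(data)
        elif sport == server_port and data.startswith(b"HTTP/") and pending[dport]:
            request = pending[dport].popleft()      # oldest unanswered request
            if needle in data:
                hits.append(request)
    return hits

# Constructed capture: five POSTs sent first, then the five responses.
OPTS = b"\x01\x01\x08\x0a" + bytes(8)               # NOP, NOP, timestamp: 12 bytes
IDS = [1, 1, 2, 2, 3]
CAPTURE = [tcp_segment(50000 + i, 8080, b"POST / HTTP/1.1\r\n\r\nbody-%d" % i,
                       OPTS if i % 2 else b"") for i in range(len(IDS))]
CAPTURE += [tcp_segment(8080, 50000 + i, b'HTTP/1.1 200 OK\r\n\r\n{"id": "%d"}' % rid)
            for i, rid in enumerate(IDS)]

if __name__ == "__main__":
    for req in requests_for_response(CAPTURE, 8080, b'"id": "1"'):
        print(req.decode())
```

On a real capture the same pairing has to run after TCP stream reassembly, since a request body or response can span several segments.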
