The Logger tab displays a log of all HTTP traffic sent between all of Burp's tools and your target websites. This includes tools or extensions that send requests automatically, such as Burp Scanner.
From here you can:
The Proxy > HTTP history tab only displays traffic from Burp's browser. By default, Logger displays traffic from all the tools in Burp Suite.
To get started using the Logger tab, we recommend following the tutorial below.
For more detailed information, please see the full documentation.
In this tutorial, you'll learn to use the Logger tab to view requests sent by Burp Scanner and the resulting responses from target websites.
Open Burp's browser and the Logger tab side by side.
Use Burp's browser to access the following URL:
https://portswigger.net/web-security/sql-injection/lab-retrieve-hidden-dataClick Access the lab and log in to your PortSwigger account if prompted. This opens your own instance of a deliberately vulnerable shopping website.
The Logger tab shows details about each request that the browser makes in real-time, just like the Proxy > HTTP history tab.
On the shopping site, apply one of the category filters. Notice that doing this sends a request with a query parameter.
You can select an individual request from the Logger tab to audit using Burp Scanner.
Right-click on a request with the category query parameter, then select Do active scan.
Burp Scanner now performs an audit using only this request.
Notice that, unlike the Proxy history, the Logger tab shows the requests that Burp Scanner makes as it performs the audit.
You can identify these from the Tool column.
Select any request to see it displayed in the message editor.
Tasks on the dashboard also have their own task-specific Logger tab. You can view this by clicking View details.
You can both sort and filter the log.
To sort the log, click a column header. You might find it useful to sort the log so that the most recent requests are on top.
Filter which requests are shown by clicking the View filter bar.
As well as filtering the log, you can also control which requests are logged in the first place by clicking the Capture filter bar. These settings also control how much memory the log is allowed to use, and the maximum size of requests and responses are stored.
To disable the logging of all items, click the Logging: On/Off button.
You can clear the log entirely by clicking on the trash can icon at the top right of the screen, below the Logging: On/Off button. Once cleared, the log cannot be retrieved.
You have now had a brief overview of using the Logger tab to study requests sent by Burp Suite.
For more detailed information, please see full documentation about the Logger tab.