HTTP History
HTTP History records every request and response that passes through the Ogma proxy, giving you a searchable, filterable log of all captured traffic.


The Traffic Table
Each row represents one request-response pair. The columns are:
| Column | Description |
|---|---|
| Method | HTTP method (GET, POST, PUT, etc.) |
| Host | Target hostname |
| Path | Request path and query string |
| Status | HTTP response status code |
| Size | Response body size in bytes |
| Time | Round-trip time in milliseconds |
| Source | Where the request originated (proxy, replay, automate, active_scan, discovery) |
| Tags | User-assigned labels |
| Color | Triage color applied to the row |
Click any row to open the request and response in the detail panel below the table.
Inspecting a Request
The detail panel has two tabs: Request and Response. Each tab shows the raw headers and body. Switch between rendered and raw views for bodies containing JSON, XML, or HTML.
Use the search bar inside the body viewer to locate specific strings in large response bodies.
Filtering Traffic
HTTPQL
Type an HTTPQL expression into the filter bar to narrow the table. HTTPQL supports filtering by host, path, method, status code, response body content, header values, tags, and source.
You can express filters such as:
- All POST requests to a specific host
- Responses with a 4xx status code
- Requests tagged with a specific label
- Traffic from one particular tool
See the HTTPQL reference for the full syntax.
Filtering by Source
The Source column identifies where each request came from. Filter by source to isolate traffic from a specific tool or workflow:
| Source value | Origin |
|---|---|
| proxy | Requests from a browser or external client through the proxy |
| replay | Requests sent from the Replay tool |
| automate | Requests generated by an Automate campaign |
| active_scan | Requests sent by the Active Scanner |
| discovery | Requests sent by Content Discovery |
Tagging and Color-Coding
Tags and colors let you track the state of traffic during a review.
- Right-click a row and select Add tag to apply one or more labels.
- Right-click and select Set color to assign a triage color.
- Filter by tag in HTTPQL to retrieve all traffic with that label.
Use colors consistently - for example, red for confirmed issues, yellow for items to revisit, green for reviewed clean requests.
Actions on Selected Requests
Select one or more rows to access context actions:
| Action | What it does |
|---|---|
| Send to Replay | Opens the request in Replay for modification and resending |
| Send to Automate | Adds the request to an Automate campaign |
| Create Finding | Creates a finding with this request attached as evidence |
| AI Assist | Runs an active scan against this specific request |
View Modes
Toggle between List view and Gallery view using the view selector in the top-right corner.
- List shows the full table with all columns. Use this for most work.
- Gallery shows request and response bodies side by side for multiple entries. Use this when comparing similar requests quickly.
Tips
- Hide static asset types when reviewing application logic.
- Activate a Scope preset to keep target traffic prominent and filter out noise.
- Save common HTTPQL expressions for repeated reviews.