Search & Filter

Once an endpoint has thousands of captures, eyeballing the list stops working. HookSense ships method filters, signature filters, and full-text search so you can pinpoint the request you care about in seconds.

Method Filter

The toolbar buttons (ALL, GET, POST, PUT, DELETE, PATCH) toggle which HTTP methods are visible. Useful for separating health-check noise (GET/HEAD) from real webhooks (POST).

Signature Filter

When HMAC verification is configured, three additional toggles appear:

• All — every request
• Verified only — hide requests that failed signature check
• Invalid only — focus on signature failures (great for spotting attack attempts or misconfigured secrets)

Full-Text Search

The search box runs a case-insensitive substring match across:

• Request body (raw text — JSON, form data, plain text)
• All header names and values
• Query parameters
• Source IP address

Examples:

• checkout.session.completed — find a specific Stripe event type
• customer_id_123 — every webhook touching a specific customer
• user-agent: Stripe — header-scoped search
• 54.187 — partial source IP match

Combining Filters

Method, signature, and search compose with AND. POST + Verified only + "checkout" returns just verified Stripe checkout webhooks. Clear individual filters with the X button on each chip; clear all with Reset.

Limits

• Search runs against the requests on screen plus any retained on the server up to your plan's retention window
• Bodies larger than 1 MB are searched on a 1 MB head sample to keep latency low
• Regex isn't supported — use substring or copy-export to grep locally for complex patterns

Available on all plans.