policy/protocols/ssl/ssl-log-ext.zeek

SSL

This file adds a lot of additional information to the SSL log It is not loaded by default since the information significantly expands the log and is probably not interesting for a majority of people.

Namespace

SSL

Imports

base/protocols/ssl

Summary

Redefinitions

SSL::Info: record

New Fields

SSL::Info

server_version: count &log &optional

Numeric version of the server in the server hello

client_version: count &log &optional

Numeric version of the client in the client hello

client_ciphers: vector of count &log &optional

Ciphers that were offered by the client for the connection

ssl_client_exts: vector of count &log &optional

SSL Client extensions

ssl_server_exts: vector of count &log &optional

SSL server extensions

ticket_lifetime_hint: count &log &optional

Suggested ticket lifetime sent in the session ticket handshake by the server.

dh_param_size: count &log &optional

The diffie helman parameter size, when using DH.

point_formats: vector of count &log &optional

supported elliptic curve point formats

client_curves: vector of count &log &optional

The curves supported by the client.

orig_alpn: vector of string &log &optional

Application layer protocol negotiation extension sent by the client.

client_supported_versions: vector of count &log &optional

TLS 1.3 supported versions

server_supported_version: count &log &optional

TLS 1.3 supported versions

psk_key_exchange_modes: vector of count &log &optional

TLS 1.3 Pre-shared key exchange modes

client_key_share_groups: vector of count &log &optional

Key share groups from client hello

server_key_share_group: count &log &optional

Selected key share group from server hello

client_comp_methods: vector of count &log &optional

Client supported compression methods

comp_method: count &optional

Server chosen compression method

sigalgs: vector of count &log &optional

Client supported signature algorithms

hashalgs: vector of count &log &optional

Client supported hash algorithms

Detailed Interface