Project

General

Profile

Actions
Copy link

Feature #1766

open
MK MK

TLS keyword expansion

Feature #1766: TLS keyword expansion

Added by Mats Klepsland almost 10 years ago. Updated over 6 years ago.

Status:
Assigned
Priority:
Normal
Assignee:
Mats Klepsland
Target version:
TBD
Effort:
Difficulty:
Label:

Description

Suricata should support more TLS keywords than it currently does. See TLS keyword expansion for more information of what I'm suggesting and add your comments here :)

Related issues 1 (0 open1 closed)

Related to Suricata - Feature #5190: new tls.random keywordClosedShivani BhardwajActions

ZR Updated by Zach Rasmor almost 10 years ago Actions
Copy link
 #1

I began a prototype to add the cipher suite to the JSON output - are you already planning to do this?

MK Updated by Mats Klepsland almost 10 years ago Actions
Copy link
 #2

Yeah, this is already planned. The plan is to add custom TLS logging (both for tls-log and json-tls), and then start logging more as more TLS stuff is decoded when more TLS keywords are added. Logging cipher_suite from server_hello is on my todo.

AH Updated by Andreas Herz over 9 years ago Actions
Copy link
 #3

  • Target version set to TBD

ZR Updated by Zach Rasmor almost 9 years ago Actions
Copy link
 #4

Hello Mats - has there been any progress on the expanded logging, or should I resume my prototyping?

VJ Updated by Victor Julien over 6 years ago Actions
Copy link
 #5

  • Status changed from New to Assigned

Hi Mats, could you update the wiki doc to indicate what has been implemented?

VJ Updated by Victor Julien almost 4 years ago Actions
Copy link
 #6

Actions
Copy link

Also available in: PDF Atom