Feature #7968

open

tls: log ALPN

Added by Jamie Lavigne about 3 hours ago. Updated 38 minutes ago.

Status: New
Priority: Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

Feature request to support logging the TLS application layer protocol chosen by ALPN in TLS event logs.

If the ALPN extension is present in the server hello then include its value in the TLS event log. If the ALPN extension is not present in the server hello then this should also be reflected in the log event, either explicitly (e.g. by logging a null value) or implicitly by omitting it. Usually an explicit indication is best but I don't feel strongly about it as long as the "no ALPN" case can be distinguished.
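The behaviour requested above, sketched as an added example that is not part of the ticket and is not Suricata code: a parser that pulls the selected protocol out of a ServerHello's ALPN extension (type 16, RFC 7301) and emits an event in which the "no ALPN" case is an explicit null. The `alpn` field name, the event layout and the `build_server_hello` sample builder are assumptions made for illustration.

```python
import json
import struct

ALPN_EXT_TYPE = 16  # application_layer_protocol_negotiation (RFC 7301)

def server_hello_alpn(body: bytes):
    """Return the ALPN protocol selected in a ServerHello body (no handshake header),
    or None if the extension is absent. Raises ValueError on malformed input."""
    try:
        off = 2 + 32                 # legacy_version + random
        off += 1 + body[off]         # session_id length byte + session_id
        off += 2 + 1                 # cipher_suite + compression_method
        if off == len(body):         # TLS 1.2 allows no extensions block
            return None
        (ext_total,) = struct.unpack_from("!H", body, off)
        off += 2
        end = off + ext_total
        if end != len(body):
            raise ValueError("extensions length does not match message")
        while off < end:
            ext_type, ext_len = struct.unpack_from("!HH", body, off)
            off += 4
            if off + ext_len > end:
                raise ValueError("extension overruns extensions block")
            if ext_type == ALPN_EXT_TYPE:
                data = body[off:off + ext_len]
                (list_len,) = struct.unpack_from("!H", data, 0)
                name_len = data[2]
                # The server's list must hold exactly one protocol name.
                if list_len != ext_len - 2 or name_len != list_len - 1 or not name_len:
                    raise ValueError("malformed ALPN extension")
                return data[3:3 + name_len].decode("ascii", "replace")
            off += ext_len
        return None
    except (IndexError, struct.error) as exc:
        raise ValueError("truncated ServerHello") from exc

def tls_event(body: bytes) -> str:
    # "alpn" is a hypothetical field name; None serialises to an explicit JSON null.
    return json.dumps({"event_type": "tls", "tls": {"alpn": server_hello_alpn(body)}})

def build_server_hello(alpn=None) -> bytes:
    """Constructed sample ServerHello body (zeroed random, empty session_id)."""
    exts = struct.pack("!HH", 0xFF01, 1) + b"\x00"   # renegotiation_info, empty
    if alpn is not None:
        plist = bytes([len(alpn)]) + alpn.encode("ascii")
        exts += struct.pack("!HHH", ALPN_EXT_TYPE, len(plist) + 2, len(plist)) + plist
    return b"\x03\x03" + bytes(32) + b"\x00\xc0\x2f\x00" + struct.pack("!H", len(exts)) + exts
```

In TLS 1.3 the server's ALPN selection is carried in EncryptedExtensions rather than the ServerHello, so a ServerHello-only parser like this one returns None for those handshakes.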

Actions #1

Updated by Jamie Lavigne about 3 hours ago

Searchable keyword: protolog

Actions #2

Updated by Jamie Lavigne about 3 hours ago

It would be OK if this output is enabled by extended tls logging.

Actions #3

Updated by Victor Julien 38 minutes ago

Duplicate of #7055?

https://github.com/OISF/suricata/pull/11325 has an example of what the log looks like. This is part of 8.0.0+.
