mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
b02f22a667
This commit changes the SSL and X.509 logging formats to something that, hopefully, slowly approaches what they will look like in the future. X.509 log is not yet deduplicated; this will come in the future. This commit introduces two new options, which determine if certificate issuers and subjects are still logged in ssl.log. The default is to have the host subject/issuer logged, but to remove client-certificate information. Client-certificates are not a typically used feature nowadays.
12 lines
1.1 KiB
Text
12 lines
1.1 KiB
Text
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
|
|
#separator \x09
|
|
#set_separator ,
|
|
#empty_field (empty)
|
|
#unset_field -
|
|
#path ssl
|
|
#open XXXX-XX-XX-XX-XX-XX
|
|
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version cipher curve server_name resumed last_alert next_protocol established cert_chain_fps client_cert_chain_fps subject issuer
|
|
#types time string addr port addr port string string string string bool string string bool vector[string] vector[string] string string
|
|
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 192.168.1.200 49206 192.168.1.150 3389 TLSv10 TLS_RSA_WITH_AES_128_CBC_SHA - 192.168.1.150 F - - T a5b05d2ae076130aa41060f53ecd72bdf864ea0179250e927549c94d5ab2499a (empty) CN=WIN2K8R2.awakecoding.ath.cx CN=WIN2K8R2.awakecoding.ath.cx
|
|
XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h 192.168.1.200 49207 192.168.1.150 3389 TLSv10 TLS_RSA_WITH_AES_128_CBC_SHA - 192.168.1.150 F - - T a5b05d2ae076130aa41060f53ecd72bdf864ea0179250e927549c94d5ab2499a (empty) CN=WIN2K8R2.awakecoding.ath.cx CN=WIN2K8R2.awakecoding.ath.cx
|
|
#close XXXX-XX-XX-XX-XX-XX
|