TLS parameters and certificates logging (tls.log)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.. attention:: tls-log is deprecated in Suricata 8.0 and will be
+ removed in Suricata 9.0.
+
The TLS handshake parameters can be logged in a line based log as well.
By default, the logfile is `tls.log` in the suricata log directory.
See :ref:`Custom TLS logging <output-custom-tls-logging>` for details
Custom tls logging
===================
+.. attention:: tls-log is deprecated in Suricata 8.0 and will be
+ removed in Suricata 9.0.
+
In your Suricata.yaml, find the tls-log section and edit as follows:
::
Deprecations
~~~~~~~~~~~~
- The ``http-log`` output is now deprecated and will be removed in Suricata 9.0.
+- The ``tls-log`` output is now deprecated and will be removed in Suricata 9.0.
Upgrading 6.0 to 7.0
--------------------
* */
static OutputInitResult LogTlsLogInitCtx(ConfNode *conf)
{
+ SCLogWarning("The tls-log output has been deprecated and will be removed in Suricata 9.0.");
+
OutputInitResult result = { NULL, false };
LogFileCtx* file_ctx = LogFileNewCtx();
# state-update: false # log packets triggering a TCP state update
# spurious-retransmission: false # log spurious retransmission packets
- # a line based log of TLS handshake parameters (no alerts)
- - tls-log:
- enabled: no # Log TLS connections.
- filename: tls.log # File to store TLS logs.
- append: yes
- #extended: yes # Log extended information like fingerprint
- #custom: yes # enabled the custom logging format (defined by customformat)
- #customformat: "%{%D-%H:%M:%S}t.%z %a:%p -> %A:%P %v %n %d %D"
- #filetype: regular # 'regular', 'unix_stream' or 'unix_dgram'
- # output TLS transaction where the session is resumed using a
- # session id
- #session-resumption: no
-
# output module to store certificates chain to disk
- tls-store:
enabled: no
projects / thirdparty / suricata.git / commitdiff
