#include "suricata-common.h"#include "app-layer-parser.h"#include "app-layer-ssl.h"#include "app-layer.h"#include "conf.h"#include "output-json-tls.h"#include "output-json.h"#include "output.h"#include "threadvars.h"#include "util-debug.h"#include "util-ja3.h"#include "util-ja4.h"#include "util-time.h"
Go to the source code of this file.
Data Structures | |
| struct | TlsFields |
| struct | OutputTlsCtx_ |
| struct | JsonTlsLogThread_ |
Macros | |
| #define | LOG_TLS_FIELD_VERSION BIT_U64(0) |
| #define | LOG_TLS_FIELD_SUBJECT BIT_U64(1) |
| #define | LOG_TLS_FIELD_ISSUER BIT_U64(2) |
| #define | LOG_TLS_FIELD_SERIAL BIT_U64(3) |
| #define | LOG_TLS_FIELD_FINGERPRINT BIT_U64(4) |
| #define | LOG_TLS_FIELD_NOTBEFORE BIT_U64(5) |
| #define | LOG_TLS_FIELD_NOTAFTER BIT_U64(6) |
| #define | LOG_TLS_FIELD_SNI BIT_U64(7) |
| #define | LOG_TLS_FIELD_CERTIFICATE BIT_U64(8) |
| #define | LOG_TLS_FIELD_CHAIN BIT_U64(9) |
| #define | LOG_TLS_FIELD_SESSION_RESUMED BIT_U64(10) |
| #define | LOG_TLS_FIELD_JA3 BIT_U64(11) |
| #define | LOG_TLS_FIELD_JA3S BIT_U64(12) |
| #define | LOG_TLS_FIELD_CLIENT BIT_U64(13) |
| #define | LOG_TLS_FIELD_CLIENT_CERT BIT_U64(14) |
| #define | LOG_TLS_FIELD_CLIENT_CHAIN BIT_U64(15) |
| #define | LOG_TLS_FIELD_JA4 BIT_U64(16) |
| #define | LOG_TLS_FIELD_SUBJECTALTNAME BIT_U64(17) |
| #define | LOG_TLS_FIELD_CLIENT_ALPNS BIT_U64(18) |
| #define | LOG_TLS_FIELD_SERVER_ALPNS BIT_U64(19) |
| #define | BASIC_FIELDS |
| #define | EXTENDED_FIELDS |
Typedefs | |
| typedef struct OutputTlsCtx_ | OutputTlsCtx |
| typedef struct JsonTlsLogThread_ | JsonTlsLogThread |
Functions | |
| bool | JsonTlsLogJSONExtended (void *vtx, JsonBuilder *tjs) |
| void | JsonTlsLogRegister (void) |
Variables | |
| TlsFields | tls_fields [] |
Detailed Description
Implements TLS JSON logging portion of the engine.
Definition in file output-json-tls.c.
Macro Definition Documentation
◆ BASIC_FIELDS
| #define BASIC_FIELDS |
Definition at line 95 of file output-json-tls.c.
◆ EXTENDED_FIELDS
| #define EXTENDED_FIELDS |
Definition at line 102 of file output-json-tls.c.
◆ LOG_TLS_FIELD_CERTIFICATE
| #define LOG_TLS_FIELD_CERTIFICATE BIT_U64(8) |
Definition at line 50 of file output-json-tls.c.
◆ LOG_TLS_FIELD_CHAIN
| #define LOG_TLS_FIELD_CHAIN BIT_U64(9) |
Definition at line 51 of file output-json-tls.c.
◆ LOG_TLS_FIELD_CLIENT
| #define LOG_TLS_FIELD_CLIENT BIT_U64(13) |
client fields (issuer, subject, etc)
Definition at line 55 of file output-json-tls.c.
◆ LOG_TLS_FIELD_CLIENT_ALPNS
| #define LOG_TLS_FIELD_CLIENT_ALPNS BIT_U64(18) |
Definition at line 60 of file output-json-tls.c.
◆ LOG_TLS_FIELD_CLIENT_CERT
| #define LOG_TLS_FIELD_CLIENT_CERT BIT_U64(14) |
Definition at line 56 of file output-json-tls.c.
◆ LOG_TLS_FIELD_CLIENT_CHAIN
| #define LOG_TLS_FIELD_CLIENT_CHAIN BIT_U64(15) |
Definition at line 57 of file output-json-tls.c.
◆ LOG_TLS_FIELD_FINGERPRINT
| #define LOG_TLS_FIELD_FINGERPRINT BIT_U64(4) |
Definition at line 46 of file output-json-tls.c.
◆ LOG_TLS_FIELD_ISSUER
| #define LOG_TLS_FIELD_ISSUER BIT_U64(2) |
Definition at line 44 of file output-json-tls.c.
◆ LOG_TLS_FIELD_JA3
| #define LOG_TLS_FIELD_JA3 BIT_U64(11) |
Definition at line 53 of file output-json-tls.c.
◆ LOG_TLS_FIELD_JA3S
| #define LOG_TLS_FIELD_JA3S BIT_U64(12) |
Definition at line 54 of file output-json-tls.c.
◆ LOG_TLS_FIELD_JA4
| #define LOG_TLS_FIELD_JA4 BIT_U64(16) |
Definition at line 58 of file output-json-tls.c.
◆ LOG_TLS_FIELD_NOTAFTER
| #define LOG_TLS_FIELD_NOTAFTER BIT_U64(6) |
Definition at line 48 of file output-json-tls.c.
◆ LOG_TLS_FIELD_NOTBEFORE
| #define LOG_TLS_FIELD_NOTBEFORE BIT_U64(5) |
Definition at line 47 of file output-json-tls.c.
◆ LOG_TLS_FIELD_SERIAL
| #define LOG_TLS_FIELD_SERIAL BIT_U64(3) |
Definition at line 45 of file output-json-tls.c.
◆ LOG_TLS_FIELD_SERVER_ALPNS
| #define LOG_TLS_FIELD_SERVER_ALPNS BIT_U64(19) |
Definition at line 61 of file output-json-tls.c.
◆ LOG_TLS_FIELD_SESSION_RESUMED
| #define LOG_TLS_FIELD_SESSION_RESUMED BIT_U64(10) |
Definition at line 52 of file output-json-tls.c.
◆ LOG_TLS_FIELD_SNI
| #define LOG_TLS_FIELD_SNI BIT_U64(7) |
Definition at line 49 of file output-json-tls.c.
◆ LOG_TLS_FIELD_SUBJECT
| #define LOG_TLS_FIELD_SUBJECT BIT_U64(1) |
Definition at line 43 of file output-json-tls.c.
◆ LOG_TLS_FIELD_SUBJECTALTNAME
| #define LOG_TLS_FIELD_SUBJECTALTNAME BIT_U64(17) |
Definition at line 59 of file output-json-tls.c.
◆ LOG_TLS_FIELD_VERSION
| #define LOG_TLS_FIELD_VERSION BIT_U64(0) |
Definition at line 42 of file output-json-tls.c.
Typedef Documentation
◆ JsonTlsLogThread
| typedef struct JsonTlsLogThread_ JsonTlsLogThread |
◆ OutputTlsCtx
| typedef struct OutputTlsCtx_ OutputTlsCtx |
Function Documentation
◆ JsonTlsLogJSONExtended()
| bool JsonTlsLogJSONExtended | ( | void * | vtx, |
| JsonBuilder * | tjs | ||
| ) |
Definition at line 458 of file output-json-tls.c.
◆ JsonTlsLogRegister()
| void JsonTlsLogRegister | ( | void | ) |
Definition at line 668 of file output-json-tls.c.
References LOGGER_JSON_TX, and OutputRegisterTxSubModuleWithProgress().
Variable Documentation
◆ tls_fields
| TlsFields tls_fields[] |
Definition at line 67 of file output-json-tls.c.
