https://github.com/ueffel/caddy-tls-format

Caddy log filter module with two log field filters to log TLS version and cipher suites in a more readable form.
https://github.com/ueffel/caddy-tls-format

caddy caddy-module caddyserver

Last synced: 5 months ago
JSON representation

Caddy log filter module with two log field filters to log TLS version and cipher suites in a more readable form.

• Host: GitHub
• URL: https://github.com/ueffel/caddy-tls-format
• Owner: ueffel
• License: mit
• Created: 2021-09-24T13:54:41.000Z (over 4 years ago)
• Default Branch: main
• Last Pushed: 2021-09-24T14:05:21.000Z (over 4 years ago)
• Last Synced: 2024-06-20T14:26:25.841Z (almost 2 years ago)
• Topics: caddy, caddy-module, caddyserver
• Language: Go
• Homepage:
• Size: 41 KB
• Stars: 3
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# caddy-tls-format

This packages contains two log field filters to log TLS version and cipher suites in a more readable

form.

## Installation

```sh

xcaddy build --with github.com/ueffel/caddy-tls-format

```

## Usage

See [caddy log filter documentation](https://caddyserver.com/docs/caddyfile/directives/log#filter).

There will be two new filters to use:

### tls_version

```caddy-d

 tls_version [prefix]

```

* **field** Probably the only sensible field to use here is: `request>tls>version`

* **prefix** string that is added before the TLS version string.

### tls_cipher

```caddy-d

 tls_cipher

```

* **field** Probably the only sensible field to use here is: `request>tls>cipher_suite`

## Example configuration

The following example configuration uses the [Formatted Log

Encoder](https://github.com/caddyserver/format-encoder)

```caddy-d

format filter {

    wrap formatted "\"{request>method} {request>uri} {request>proto}\" {request>tls>version}/{request>tls>cipher_suite}"

    fields {

        request>tls>version tls_version TLSv

        request>tls>cipher_suite tls_cipher

    }

}

```

Log output (with and without HTTPS):

```plain

"GET / HTTP/2.0" TLSv1.3/TLS_AES_128_GCM_SHA256

"GET / HTTP/1.1" -/-

```

> For reference the configuration and output without filters:

>

> ```caddy-d

> format formatted "\"{request>method} {request>uri} {request>proto}\" {request>tls>version}/{request>tls>cipher_suite}"

> ```

>

> Log output:

>

> ```plain

> "GET / HTTP/2.0" 772/4865

> "GET / HTTP/1.1" -/-

> ```