Display SSL/TLS version in traffic logs (app coloum), instead of just (ssl)?
cancel
Showing results for 
Search instead for 
Did you mean: 

Display SSL/TLS version in traffic logs (app coloum), instead of just (ssl)?

L0 Member

Hi 

 

is there a way to display SSL/TLS version in traffic logs (app coloum), instead of just (ssl)? i have worked on another firewall vendors it's too easy to deteremin SSL/TLS version for troubleshooting instead of packet capture for many many customers because we enforced TLS1.2 on all web/ftp servers

 

Thank you

Mohanad

2 REPLIES 2

Cyber Elite
Cyber Elite

@CyberEdge wrote:

Hi 

 

is there a way to display SSL/TLS version in traffic logs (app coloum), instead of just (ssl)? i have worked on another firewall vendors it's too easy to deteremin SSL/TLS version for troubleshooting instead of packet capture for many many customers because we enforced TLS1.2 on all web/ftp servers

 

Thank you

Mohanad


 

As of 9.0 and below looks like that's not an option.  Maybe look into requesting a feature request for this?  (My guess and more like a hope is this will be an option in 9.1)

Cyber Elite
Cyber Elite

Looks like there's already a FR for this.  Might wanna add your name/company to the FR.

 

https://live.paloaltonetworks.com/t5/General-Topics/Feature-Request-List/td-p/209128/page/5

 

"4.  Log /report / make a column header the TLS/SSL version detected on HTTPS sites. - FR5678"

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!