07-29-2019 02:07 AM
Hi
is there a way to display SSL/TLS version in traffic logs (app coloum), instead of just (ssl)? i have worked on another firewall vendors it's too easy to deteremin SSL/TLS version for troubleshooting instead of packet capture for many many customers because we enforced TLS1.2 on all web/ftp servers
Thank you
Mohanad
07-29-2019 06:51 AM - edited 07-29-2019 06:54 AM
@CyberEdge wrote:Hi
is there a way to display SSL/TLS version in traffic logs (app coloum), instead of just (ssl)? i have worked on another firewall vendors it's too easy to deteremin SSL/TLS version for troubleshooting instead of packet capture for many many customers because we enforced TLS1.2 on all web/ftp servers
Thank you
Mohanad
As of 9.0 and below looks like that's not an option. Maybe look into requesting a feature request for this? (My guess and more like a hope is this will be an option in 9.1)
07-29-2019 07:09 AM
Looks like there's already a FR for this. Might wanna add your name/company to the FR.
https://live.paloaltonetworks.com/t5/General-Topics/Feature-Request-List/td-p/209128/page/5
"4. Log /report / make a column header the TLS/SSL version detected on HTTPS sites. - FR5678"
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
