This packages contains two log field filters to log TLS version and cipher suites in a more readable form.
xcaddy build --with github.com/ueffel/caddy-tls-format
See caddy log filter documentation. There will be two new filters to use:
<field> tls_version [prefix]
- field Probably the only sensible field to use here is:
request>tls>version
- prefix string that is added before the TLS version string.
<field> tls_cipher
- field Probably the only sensible field to use here is:
request>tls>cipher_suite
The following example configuration uses the Formatted Log Encoder
format filter {
wrap formatted "\"{request>method} {request>uri} {request>proto}\" {request>tls>version}/{request>tls>cipher_suite}"
fields {
request>tls>version tls_version TLSv
request>tls>cipher_suite tls_cipher
}
}
Log output (with and without HTTPS):
"GET / HTTP/2.0" TLSv1.3/TLS_AES_128_GCM_SHA256
"GET / HTTP/1.1" -/-
For reference the configuration and output without filters:
format formatted "\"{request>method} {request>uri} {request>proto}\" {request>tls>version}/{request>tls>cipher_suite}"
Log output:
"GET / HTTP/2.0" 772/4865 "GET / HTTP/1.1" -/-