Goaccess: add ssl_protocol distribution panel

Created on 16 Apr 2018  路  12Comments  路  Source: allinurl/goaccess

Hello,

As an enhancement is it possible to have a panel displaying the ratio/usage of ssl_protocol?
This information is available by default for aws cloudfront logs for example.

Thanks

add enhancement
Source
picture VinceRafale
👍3

Most helpful comment

Sounds like we could add a panel dedicated for this. Do you have some sample data that I can look? Thanks.

picture allinurl on 17 Apr 2018
👍3

All 12 comments

Sounds like we could add a panel dedicated for this. Do you have some sample data that I can look? Thanks.

allinurl picture allinurl on 17 Apr 2018
👍3

Nginx log format

log_format goaccess "[$time_local] $remote_addr $http_host $ssl_cipher $ssl_protocol"
  "\"$http_user_agent\" \"$http_referer\" "
  "\"$request\" $status $bytes_sent $request_time";

Logs

[19/May/2019:16:47:55 +0000] 2a01:7e01::1 mail.example.com TLS_AES_256_GCM_SHA384 TLSv1.3 "Mozilla/5.0 (X11; Linux x86_64; rv:66.0) Gecko/20100101 Firefox/66.0" "https://mail.example.com/?_task=mail&_mbox=INBOX" "POST /?_task=mail&_action=refresh HTTP/2.0" 200 448 1.042
[19/May/2019:16:47:57 +0000] 2a01:7e01::1 example.com TLS_AES_256_GCM_SHA384 TLSv1.3 "curl/7.64.1" "-" "GET / HTTP/2.0" 403 234 0.058

Nginx version 1.15.12

MrSorcus picture MrSorcus on 19 May 2019

Something similar for AWS here - https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html (ssl-protocol & ssl-cipher)

MrSorcus picture MrSorcus on 19 May 2019

So essentially you want to display a panel containing the TLS version and cipher?

allinurl picture allinurl on 20 May 2019

Not sure how must it be present in GoAccess.

MrSorcus picture MrSorcus on 20 May 2019

@allinurl I'm also interested in this feature. My use case is monitoring the rate of support for TLSv1.3 among the visitors of my site so I can make informed decisions in regards to deprecating the use of earlier versions.

Here's a quick mock-up of what I imagine the corresponding panel to look like:

vivaldi_2020-06-09_16-46-18

whalehub picture whalehub on 9 Jun 2020
👍2

@whalehub Thanks for sharing that, it helps a lot! I can probably add this to the upcoming version. For reference, do you know where I can find the ciphers for each TLS version?

allinurl picture allinurl on 9 Jun 2020

@allinurl You're welcome. I can recommend this source for cipher lists: TLSv1.3, TLSv1.2 and TLSv1.1/TLSv1.0 (they use the same cipher suites).

Edit: I parsed those links into a gist for you. 馃憤

whalehub picture whalehub on 9 Jun 2020
👍1

@allinurl Is this still planned for a future version?

whalehub picture whalehub on 5 Sep 2020

@whalehub it certainly is. Thanks for the reminder!

allinurl picture allinurl on 7 Sep 2020

This has been added per #1727. It will be out this week. Stay tuned!

allinurl picture allinurl on 15 Nov 2020
🎉2

@allinurl Works nicely so far. Thanks! 馃帀

nginx.conf

    log_format vcombined
      '$host:$server_port $remote_addr - $remote_user [$time_local] $ssl_protocol $ssl_cipher '
      '"$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';

goaccess.conf

time-format %H:%M:%S
date-format %d/%b/%Y
log-format %v:%^ %h %^[%d:%t %^] %K "%r" %s %b "%R" "%u"

raw

whalehub picture whalehub on 17 Nov 2020
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Tassleh0ff picture Tassleh0ff  路  4Comments
DestinyWang picture DestinyWang  路  3Comments
LoanDEV picture LoanDEV  路  3Comments
Gill-Bates picture Gill-Bates  路  3Comments
ychunc picture ychunc  路  3Comments