vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-04-29 23:49:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fixed missing fields in TLS alerts

Browse source
This commit is contained in:
Matteo Biscosi 2024-04-12 11:20:40 -04:00
parent 0cfd1246c1
commit 7d0a946007
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
scripts/lua/modules/lua_utils.lua
View file

@ -1462,6 +1462,12 @@ function addTLSInfoToAlertDescr(msg, alert_json, json_format)
(table.len(alert_json["proto"]["tls"] or {}) > 0)) then
local tls_info = format_tls_info({
ja3_client_hash = alert_json["proto"]["tls"]["ja3_client_hash"],
issuerDN = alert_json["proto"]["tls"]["issuerDN"],
ja4_client_hash = alert_json["proto"]["tls"]["ja4_client_hash"],
tls_version = alert_json["proto"]["tls"]["tls_version"],
ja3_server_hash = alert_json["proto"]["tls"]["ja3_server_hash"],
ja3_server_cipher = alert_json["proto"]["tls"]["ja3_server_cipher"],
notBefore = alert_json["proto"]["tls"]["notBefore"],
notAfter = alert_json["proto"]["tls"]["notAfter"],
client_requested_server_name = alert_json["proto"]["tls"]["client_requested_server_name"],