alexandergall
commented
1 year ago I'm going to clean up the code and create a new PR.
Closed alexandergall closed 1 year ago
alexandergall
commented
1 year ago I'm going to clean up the code and create a new PR.
The
v4_HTTPSandv6_HTTPStemplates extract the TLS Server Name Indication (SNI) from the Client Hello handshake message. Due to lack of a standardised IPFIX element, the name is stored in a proprietarystringfield with PEN 39499 to be compatible with the Progress/Flowmon netflow collector. The field is using a fixed width of 64 bytes and the actual length of the name is stored in a separate element.