[GitHub] trafficserver pull request: TS-2169 SSL Stats

Tue, 25 Feb 2014 07:42:55 -0800 

GitHub user rwbarber2 opened a pull request:

    https://github.com/apache/trafficserver/pull/46

    TS-2169 SSL Stats

    Switched to pull request due to anticipated need to merge with more recent 
version of master in the future (when this gets pulled finally).
    
    In addition to the stats already documented above, this also includes 
cipher stats.  Here's the excerpt from the traffic_line doc:
    
    proxy.process.ssl.cipher.user_agent.{cipherName}
      Total number of ssl client connections that used cipherName.  The list of
      cipher stats is dynamic and depends upon the installed ciphers for the
      system.  Some common cipher stats are:
        proxy.process.ssl.cipher.user_agent.ECDHE-RSA-RC4-SHA
        proxy.process.ssl.cipher.user_agent.ECDHE-RSA-AES128-SHA256
        proxy.process.ssl.cipher.user_agent.ECDHE-RSA-AES128-GCM-SHA256
        proxy.process.ssl.cipher.user_agent.ECDHE-RSA-AES128-SHA
        proxy.process.ssl.cipher.user_agent.RC4-SHA
        proxy.process.ssl.cipher.user_agent.RC4-MD5
        proxy.process.ssl.cipher.user_agent.AES128-GCM-SHA256
        proxy.process.ssl.cipher.user_agent.AES128-SHA
      There are two ways to get the list of cipher stats:
      1.  Run ATS with debug logging and show ssl diags:
          CONFIG proxy.config.diags.debug.enabled INT 1
          CONFIG proxy.config.diags.debug.tags STRING ssl.*
          View output of traffic.out looking for lines like:
             (ssl) Registering ssl cipher stat 
'proxy.process.ssl.cipher.user_agent.ECDHE-RSA-AES256-GCM-SHA384'
      2.  Run this script (just asks openssl to tell us):
             openssl ciphers | awk '{n=split($0,a,":"); for (i = 0; ++i <= n;) 
print "proxy.process.ssl.cipher.user_agent." a[i];}'


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/rwbarber2/trafficserver issues/TS-2169

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/trafficserver/pull/46.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #46
    
----
commit 4b7b59756970a805126bb0c43ad93247a2764bf1
Author: Ron Barber <rbar...@yahoo-inc.com>
Date:   2014-02-25T15:36:23Z

    TS-2169 SSL Stats

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Reply via email to