HAProxy community

Ssl ciphers and ssl version statistics

To keep up to date server side TLS configuration and don’t lose my clients I need to know what ssl ciphers and ssl version clients use. I can log it:

  • %sslc - ssl_ciphers (ex: AES-SHA)
  • %sslv - ssl_version (ex: TLSv1)

But I need only statistical information:

  • ssl_version/ssl_ciphers
  • last used
  • number of uses

Is there a way to get this info without overloading HAProxy with expensive logs?

No, this is not something that haproxy can do.

Logs are not really expensive, this needs to be done in log analysis. You can feed your own log consumer with this, keeping the data that you want and trowing away the rest.