Server logs can be configured to include the TLS version and ciphersuite used for the connection.
Does Matomo support tracking this information as part of a request (through the import_logs.py script)? This is useful for example when trying to decide which TLS versions and/or ciphersuites to disable for security reasons. When doing that, it’s relevant to know whether 0.1% or 5% of the users still use that TLS version or ciphersuite.
Tracking TLS version in JavaScript sounds impossible as there doesn’t seem to be a way for JavaScript to get this information. The same seems to be true for PHP.
For log analytics it might be possible if your log contains the information.
You would need to modify the script a bit, so that it reads the data and e.g. sets a custom dimension, but that should be possible:
Should be quite easy to do with log analytics. You’ll have to extend the script a bit to a) get the value from the provided log format and b) inject the value to a custom dimension (a visit scope CD should be enough, because a visitor mostly doesn’t change TLS version while on page)
Apologies for resurrecting an old thread, but I just wanted to ask if you ever got anywhere with implementing the changes needed to read and store the various fields related to TLS? I’ve added four fields (crypt-protocol, crypt-cipher, crypt-hash, crypt-keyexchange), and would love to be able to visualize this information in Matomo.
Sadly, I’m no Python programmer, so wouldn’t know where to start dissecting the import_logs.py script
Hi Mike. Sorry, no, I have since switched from self-hosted Matomo to self-hosted Plausible. It has less features (and doesn’t give me TLS information either), but it’s much simpler to set up and keep up to date