View Source OpenTelemetry.SemConv.Incubating.TLSAttributes (OpenTelemetry.SemConv v1.27.0)
OpenTelemetry Semantic Conventions for TLS attributes.
Summary
Types
Normalized lowercase protocol name parsed from original string of the negotiated SSL/TLS protocol version
Functions
String indicating the cipher used during the current connection.
PEM-encoded stand-alone certificate offered by the client. This is usually mutually-exclusive of client.certificate_chain since this value also exists in that list.
Array of PEM-encoded certificates that make up the certificate chain offered by the client. This is usually mutually-exclusive of client.certificate since that value should be the first certificate in the chain.
Certificate fingerprint using the MD5 digest of DER-encoded version of certificate offered by the client. For consistency with other hash values, this value should be formatted as an uppercase hash.
Certificate fingerprint using the SHA1 digest of DER-encoded version of certificate offered by the client. For consistency with other hash values, this value should be formatted as an uppercase hash.
Certificate fingerprint using the SHA256 digest of DER-encoded version of certificate offered by the client. For consistency with other hash values, this value should be formatted as an uppercase hash.
Distinguished name of subject of the issuer of the x.509 certificate presented by the client.
A hash that identifies clients based on how they perform an SSL/TLS handshake.
Date/Time indicating when client certificate is no longer considered valid.
Date/Time indicating when client certificate is first considered valid.
Distinguished name of subject of the x.509 certificate presented by the client.
Array of ciphers offered by the client during the client hello.
String indicating the curve used for the given cipher, when applicable
Boolean flag indicating if the TLS negotiation was successful and transitioned to an encrypted tunnel.
String indicating the protocol being tunneled. Per the values in the IANA registry, this string should be lower case.
Normalized lowercase protocol name parsed from original string of the negotiated SSL/TLS protocol version
Numeric part of the version parsed from the original string of the negotiated SSL/TLS protocol version
Boolean flag indicating if this TLS connection was resumed from an existing TLS negotiation.
PEM-encoded stand-alone certificate offered by the server. This is usually mutually-exclusive of server.certificate_chain since this value also exists in that list.
Array of PEM-encoded certificates that make up the certificate chain offered by the server. This is usually mutually-exclusive of server.certificate since that value should be the first certificate in the chain.
Certificate fingerprint using the MD5 digest of DER-encoded version of certificate offered by the server. For consistency with other hash values, this value should be formatted as an uppercase hash.
Certificate fingerprint using the SHA1 digest of DER-encoded version of certificate offered by the server. For consistency with other hash values, this value should be formatted as an uppercase hash.
Certificate fingerprint using the SHA256 digest of DER-encoded version of certificate offered by the server. For consistency with other hash values, this value should be formatted as an uppercase hash.
Distinguished name of subject of the issuer of the x.509 certificate presented by the client.
A hash that identifies servers based on how they perform an SSL/TLS handshake.
Date/Time indicating when server certificate is no longer considered valid.
Date/Time indicating when server certificate is first considered valid.
Distinguished name of subject of the x.509 certificate presented by the server.
Types
@type tls_protocol_name_values() :: %{ssl: :ssl, tls: :tls}
Normalized lowercase protocol name parsed from original string of the negotiated SSL/TLS protocol version
Enum Values
Functions
@spec tls_cipher() :: :"tls.cipher"
String indicating the cipher used during the current connection.
Value type
Value must be of type atom() | String.t().
Notes
The values allowed for tls.cipher MUST be one of the Descriptions of the registered TLS Cipher Suits.
Examples
["TLS_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_cipher()
:"tls.cipher"?TLS_CIPHER.
'tls.cipher'@spec tls_client_certificate() :: :"tls.client.certificate"
PEM-encoded stand-alone certificate offered by the client. This is usually mutually-exclusive of client.certificate_chain since this value also exists in that list.
Value type
Value must be of type atom() | String.t().
Examples
["MII..."]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_client_certificate()
:"tls.client.certificate"?TLS_CLIENT_CERTIFICATE.
'tls.client.certificate'@spec tls_client_certificate_chain() :: :"tls.client.certificate_chain"
Array of PEM-encoded certificates that make up the certificate chain offered by the client. This is usually mutually-exclusive of client.certificate since that value should be the first certificate in the chain.
Value type
Value must be of type [atom() | String.t()].
Examples
["MII...", "MI..."]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_client_certificate_chain()
:"tls.client.certificate_chain"?TLS_CLIENT_CERTIFICATE_CHAIN.
'tls.client.certificate_chain'@spec tls_client_hash_md5() :: :"tls.client.hash.md5"
Certificate fingerprint using the MD5 digest of DER-encoded version of certificate offered by the client. For consistency with other hash values, this value should be formatted as an uppercase hash.
Value type
Value must be of type atom() | String.t().
Examples
["0F76C7F2C55BFD7D8E8B8F4BFBF0C9EC"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_client_hash_md5()
:"tls.client.hash.md5"?TLS_CLIENT_HASH_MD5.
'tls.client.hash.md5'@spec tls_client_hash_sha1() :: :"tls.client.hash.sha1"
Certificate fingerprint using the SHA1 digest of DER-encoded version of certificate offered by the client. For consistency with other hash values, this value should be formatted as an uppercase hash.
Value type
Value must be of type atom() | String.t().
Examples
["9E393D93138888D288266C2D915214D1D1CCEB2A"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_client_hash_sha1()
:"tls.client.hash.sha1"?TLS_CLIENT_HASH_SHA1.
'tls.client.hash.sha1'@spec tls_client_hash_sha256() :: :"tls.client.hash.sha256"
Certificate fingerprint using the SHA256 digest of DER-encoded version of certificate offered by the client. For consistency with other hash values, this value should be formatted as an uppercase hash.
Value type
Value must be of type atom() | String.t().
Examples
["0687F666A054EF17A08E2F2162EAB4CBC0D265E1D7875BE74BF3C712CA92DAF0"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_client_hash_sha256()
:"tls.client.hash.sha256"?TLS_CLIENT_HASH_SHA256.
'tls.client.hash.sha256'@spec tls_client_issuer() :: :"tls.client.issuer"
Distinguished name of subject of the issuer of the x.509 certificate presented by the client.
Value type
Value must be of type atom() | String.t().
Examples
["CN=Example Root CA, OU=Infrastructure Team, DC=example, DC=com"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_client_issuer()
:"tls.client.issuer"?TLS_CLIENT_ISSUER.
'tls.client.issuer'@spec tls_client_ja3() :: :"tls.client.ja3"
A hash that identifies clients based on how they perform an SSL/TLS handshake.
Value type
Value must be of type atom() | String.t().
Examples
["d4e5b18d6b55c71272893221c96ba240"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_client_ja3()
:"tls.client.ja3"?TLS_CLIENT_JA3.
'tls.client.ja3'@spec tls_client_not_after() :: :"tls.client.not_after"
Date/Time indicating when client certificate is no longer considered valid.
Value type
Value must be of type atom() | String.t().
Examples
["2021-01-01T00:00:00.000Z"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_client_not_after()
:"tls.client.not_after"?TLS_CLIENT_NOT_AFTER.
'tls.client.not_after'@spec tls_client_not_before() :: :"tls.client.not_before"
Date/Time indicating when client certificate is first considered valid.
Value type
Value must be of type atom() | String.t().
Examples
["1970-01-01T00:00:00.000Z"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_client_not_before()
:"tls.client.not_before"?TLS_CLIENT_NOT_BEFORE.
'tls.client.not_before'@spec tls_client_server_name() :: :"tls.client.server_name"
@spec tls_client_subject() :: :"tls.client.subject"
Distinguished name of subject of the x.509 certificate presented by the client.
Value type
Value must be of type atom() | String.t().
Examples
["CN=myclient, OU=Documentation Team, DC=example, DC=com"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_client_subject()
:"tls.client.subject"?TLS_CLIENT_SUBJECT.
'tls.client.subject'@spec tls_client_supported_ciphers() :: :"tls.client.supported_ciphers"
Array of ciphers offered by the client during the client hello.
Value type
Value must be of type [atom() | String.t()].
Examples
["TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "..."]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_client_supported_ciphers()
:"tls.client.supported_ciphers"?TLS_CLIENT_SUPPORTED_CIPHERS.
'tls.client.supported_ciphers'@spec tls_curve() :: :"tls.curve"
String indicating the curve used for the given cipher, when applicable
Value type
Value must be of type atom() | String.t().
Examples
["secp256r1"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_curve()
:"tls.curve"?TLS_CURVE.
'tls.curve'@spec tls_established() :: :"tls.established"
Boolean flag indicating if the TLS negotiation was successful and transitioned to an encrypted tunnel.
Value type
Value must be of type boolean().
Examples
[true]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_established()
:"tls.established"?TLS_ESTABLISHED.
'tls.established'@spec tls_next_protocol() :: :"tls.next_protocol"
String indicating the protocol being tunneled. Per the values in the IANA registry, this string should be lower case.
Value type
Value must be of type atom() | String.t().
Examples
["http/1.1"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_next_protocol()
:"tls.next_protocol"?TLS_NEXT_PROTOCOL.
'tls.next_protocol'@spec tls_protocol_name() :: :"tls.protocol.name"
Normalized lowercase protocol name parsed from original string of the negotiated SSL/TLS protocol version
iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_protocol_name()
:"tls.protocol.name"
iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_protocol_name_values().ssl
:ssl
iex> %{OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_protocol_name() => OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_protocol_name_values().ssl}
%{:"tls.protocol.name" => :ssl}?TLS_PROTOCOL_NAME.
'tls.protocol.name'
?TLS_PROTOCOL_NAME_VALUES_SSL.
'ssl'
#{?TLS_PROTOCOL_NAME => ?TLS_PROTOCOL_NAME_VALUES_SSL}.
#{'tls.protocol.name' => 'ssl'}@spec tls_protocol_name_values() :: tls_protocol_name_values()
@spec tls_protocol_version() :: :"tls.protocol.version"
Numeric part of the version parsed from the original string of the negotiated SSL/TLS protocol version
Value type
Value must be of type atom() | String.t().
Examples
["1.2", "3"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_protocol_version()
:"tls.protocol.version"?TLS_PROTOCOL_VERSION.
'tls.protocol.version'@spec tls_resumed() :: :"tls.resumed"
Boolean flag indicating if this TLS connection was resumed from an existing TLS negotiation.
Value type
Value must be of type boolean().
Examples
[true]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_resumed()
:"tls.resumed"?TLS_RESUMED.
'tls.resumed'@spec tls_server_certificate() :: :"tls.server.certificate"
PEM-encoded stand-alone certificate offered by the server. This is usually mutually-exclusive of server.certificate_chain since this value also exists in that list.
Value type
Value must be of type atom() | String.t().
Examples
["MII..."]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_server_certificate()
:"tls.server.certificate"?TLS_SERVER_CERTIFICATE.
'tls.server.certificate'@spec tls_server_certificate_chain() :: :"tls.server.certificate_chain"
Array of PEM-encoded certificates that make up the certificate chain offered by the server. This is usually mutually-exclusive of server.certificate since that value should be the first certificate in the chain.
Value type
Value must be of type [atom() | String.t()].
Examples
["MII...", "MI..."]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_server_certificate_chain()
:"tls.server.certificate_chain"?TLS_SERVER_CERTIFICATE_CHAIN.
'tls.server.certificate_chain'@spec tls_server_hash_md5() :: :"tls.server.hash.md5"
Certificate fingerprint using the MD5 digest of DER-encoded version of certificate offered by the server. For consistency with other hash values, this value should be formatted as an uppercase hash.
Value type
Value must be of type atom() | String.t().
Examples
["0F76C7F2C55BFD7D8E8B8F4BFBF0C9EC"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_server_hash_md5()
:"tls.server.hash.md5"?TLS_SERVER_HASH_MD5.
'tls.server.hash.md5'@spec tls_server_hash_sha1() :: :"tls.server.hash.sha1"
Certificate fingerprint using the SHA1 digest of DER-encoded version of certificate offered by the server. For consistency with other hash values, this value should be formatted as an uppercase hash.
Value type
Value must be of type atom() | String.t().
Examples
["9E393D93138888D288266C2D915214D1D1CCEB2A"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_server_hash_sha1()
:"tls.server.hash.sha1"?TLS_SERVER_HASH_SHA1.
'tls.server.hash.sha1'@spec tls_server_hash_sha256() :: :"tls.server.hash.sha256"
Certificate fingerprint using the SHA256 digest of DER-encoded version of certificate offered by the server. For consistency with other hash values, this value should be formatted as an uppercase hash.
Value type
Value must be of type atom() | String.t().
Examples
["0687F666A054EF17A08E2F2162EAB4CBC0D265E1D7875BE74BF3C712CA92DAF0"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_server_hash_sha256()
:"tls.server.hash.sha256"?TLS_SERVER_HASH_SHA256.
'tls.server.hash.sha256'@spec tls_server_issuer() :: :"tls.server.issuer"
Distinguished name of subject of the issuer of the x.509 certificate presented by the client.
Value type
Value must be of type atom() | String.t().
Examples
["CN=Example Root CA, OU=Infrastructure Team, DC=example, DC=com"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_server_issuer()
:"tls.server.issuer"?TLS_SERVER_ISSUER.
'tls.server.issuer'@spec tls_server_ja3s() :: :"tls.server.ja3s"
A hash that identifies servers based on how they perform an SSL/TLS handshake.
Value type
Value must be of type atom() | String.t().
Examples
["d4e5b18d6b55c71272893221c96ba240"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_server_ja3s()
:"tls.server.ja3s"?TLS_SERVER_JA3S.
'tls.server.ja3s'@spec tls_server_not_after() :: :"tls.server.not_after"
Date/Time indicating when server certificate is no longer considered valid.
Value type
Value must be of type atom() | String.t().
Examples
["2021-01-01T00:00:00.000Z"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_server_not_after()
:"tls.server.not_after"?TLS_SERVER_NOT_AFTER.
'tls.server.not_after'@spec tls_server_not_before() :: :"tls.server.not_before"
Date/Time indicating when server certificate is first considered valid.
Value type
Value must be of type atom() | String.t().
Examples
["1970-01-01T00:00:00.000Z"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_server_not_before()
:"tls.server.not_before"?TLS_SERVER_NOT_BEFORE.
'tls.server.not_before'@spec tls_server_subject() :: :"tls.server.subject"
Distinguished name of subject of the x.509 certificate presented by the server.
Value type
Value must be of type atom() | String.t().
Examples
["CN=myserver, OU=Documentation Team, DC=example, DC=com"]iex> OpenTelemetry.SemConv.Incubating.TLSAttributes.tls_server_subject()
:"tls.server.subject"?TLS_SERVER_SUBJECT.
'tls.server.subject'