SSL section

Table 1. SSL section
XML	Console Display	Description
`<SslTotalTIs11Sessions>`	`Total TLS1.1 sessions`	This is a total count of SSL sessions that use the TLS1.1 protocol.
`<SslTotalTIs11SessionsDecrypted>`	`Total TLS1.1 sessions decrypted`	This is a total count of SSL sessions that use the TLS1.1 protocol and were successfully decrypted.
`SslTotalTls12Sessions`	`Total TLS1.2 sessions`	This is a total count of SSL sessions that use the TLS1.2 protocol.
`SslTotalTls12SessionsDecrypted`	`Total TLS1.2 sessions decrypted`	This is a total count of SSL sessions that use the TLS2.1 protocol and were successfully decrypted.
`<SslTotalNewHandshakes>`	`Total new handshakes`	This is a count of new SSL handshake sessions that occurred. New indicates that the SSL session wasn't found in the SSL session cache table.
`<SslTotalResumedHandshakes>`	`Total resumed handshakes`	Provides a running total of SSL resumed handshakes that occurred. This statistic shows how well websites are taking advantage of SSL performance by its use. If the count is zero, this indicates that high overhead SSL new handshakes are being transacted on sites that may have performance issues.
`<SslRecordsRcvd>`	`Records rcvd`	This is a count of captured SSL records that could span multiple packets.
`<SslTotalHandshakes>`	`Total handshakes`	A count of properly negotiated SSL handshake sessions. This count is reflective of successful decryption of SSL traffic.
`<SslHangingConnections>`	`Hanging connections`	Not implemented or used.
`<SslCurrentConnections>`	`Current connections`	Not implemented or used.
`<SslHitCount>`	`Hit Count`	Not implemented or used.
`<SslCurrentHitsPerSec>`	`Current hits per second`	This statistic is an important indicator of system performance and availability. It shows the current number of SSL hits-per-second rate that the Capture processes are generating. The expected number of new handshake SSL hits is approximately 150 without SSL hardware acceleration. SSL decryption is a CPU-intensive operation that uses a lot of Capture system capacity. These stats are updated every 5 seconds.
`<SslMaxHitsPerSec>`	`Maximum hits per second`	Shows the maximum number of SSL hits-per-second rate that the Capture processes are generating.
`<SslAvgHitsPerSec>`	`Average hits per second`	Provides a running average of the number of SSL hits per second being processed. This statistic gives an overall indicator of SSL operations over a long running period instead of just snapshot rates.
`<SslNewHandshakesPerSec>`	`New handshake hits per second`	Provides a snapshot of the rate of SSL new handshakes that are occurring.
`<SslNewHandshakesPerSecMax>`	`Maximum new handshake hits per second`	Maximum rate of new SSL handshakes per second
`<SslResumedHandshakesPerSec>`	`Resumed handshake hits per second`	Maxiumum rate of resumed SSL handshakes per second
`<SslResumedHandshakesPerSecMax>`	`Maximum resumed handshake hits per second`	Maxiumum rate of resumed SSL handshakes per second
`<SslConnectionDataLen>`	`Connection data length`	The average data length in bytes of a SSL connection over a 5-second period (sampling). This statistic is used to compute the average length of an SSL hit.
`<SslHitDataLen>`	`Hit data length`	The computed value of the average SSL hit data length in bytes.
`<SslTotalNewSessionTicketSessions>`	`Total new SessionTicket sessions`	This value provides a count of new SSL sessions using the TLS SessionTicket extension. Both client and server must support the extension for a valid count. For example, if a client requests using the SessionTicket extension and the server rejects it due to non-support, the session is not counted.
`<SslTotalResumedSessionTicketSessions>`	`Total resumed SessionTicket sessions`	This value is the count of the number of TLS SessionTicket sessions that were resumed after they had been stopped.
`<SslTotalDecryptedSessionTicketSessions>`	`Total decrypted SessionTicket sessions`	This value is the count of new and resumed SSL sessions that the DNCA decrypted.
`<SslTotalSessionTicketSessionCacheMisses>`	`Total SessionTicket session cache misses`	This value is the count of the resumed SSL sessions that the DNCA was unable to decrypt, usually due to failing to see the initial, new SSL session.
`<SslTotalEphemeralRsaConnections>`	`Total ephemeral RSA connections`	Shows the number of SSL connections that used "transient" ciphers, such as 40-bit weak RSA encryption. These typically are used by browsers internationally that aren't allowed to use 128-bit strong encryption browsers. Note: Pheromonal ciphers cannot be decrypted at a later time. An error log message is also generated to provide client IP information.
`<SslTotalDhCipherConnections>`	`Total Diffie-Hellman cipher connections`	Counts the number of SSL connections using the Diffie-Hellman cipher. This ephemeral cipher cannot be decrypted at a later time. It can only be initiated by the Web server, not by the client browser. Having a non-zero count value indicates that one or more Web server has set up its SSL cipher suite preferences to use this particular cipher. To allow post decryption, the Web server needs to change its SSL cipher preferences to remove this cipher and replace it with another, such as 256bit AES RSA cipher.
`<SslTotalNullCipherConnections>`	`Total Null Cipher Connections`	Count of SSL connections that do not contain a cipher.
`<SslTotalHsmKeysLoaded>`	`Total HSM keys loaded`	Reports the number of SSL keys loaded from the Sun HSM keystore by the DNCA at startup for each DNCA instance.
`<SslMissingKeys>`	`Missing keys`	Count of SSL keys used that didn't have a corresponding SSL key pem file.
`<SslMissingKeysPerSec>`	`Missing keys per second`	Connections per second that cannot be decrypted because of a missing key
`<SslTotalBadHandshakeSeqErrors>`	`Total Bad Handshake Sequence Errors`	Not implemented or used.
`<SslTotalUnknownCipherErrors>`	`Total Unknown Cipher Errors`	Not implemented or used.
`<SslErrors>`	`Errors`	Not implemented or used.
`<SslTotalSessionCacheMisses>`	`Total session cache misses`	When an SSL session record comes in for decryption, it is checked to see if decryption cipher info for that session is in the cache. If not, it is counted as a cache miss. Because this is a record, it's assumed that the SSL handshake occurred and its decryption cipher info is sitting in the cache. This can happen if DNCA was restarted and began capturing in-progress SSL sessions or it has exceeded the default 10,000 concurrent SSL session cache entries and the LRU entries were deleted.
`<SslSessionCacheMissesPerSec>`	`Session cache misses per second`	Rate of session cache misses per second.
`<SslOldestSessionCacheEntry>`	`Oldest session cache entry`	Provides the oldest residing SSL cache entry in minutes from the current time. This statistic is helpful in gauging whether there is sufficient cache entries in sizing its table to handle a large volume site with minimal performance impact.
`SslHitCount>`	`SSL hit count`	Count of SSL hits.
`<SslTotalCaptureType1>`	`SSL Total Capture Type 1`	Count capture type 1 ssl hits (pages).
`<SslPageViewPct>`	`Percent of ssl page views to page views`	The percentage page views that are over ssl.