They can just look at the TLS SNI field and the hostname is there in plaintext.
It’s _more_ trouble to do the reverse lookup.
It’s _more_ trouble to even bother with hostnames at all.
Just log IPs. By doing so, you're capturing the same essential data in a more compact form.
It’s _more_ trouble to even bother with hostnames at all.
Just log IPs. By doing so, you're capturing the same essential data in a more compact form.