The event ssl_client_hello of the ssl_analyzer module lacks a parameter for the advertised compression methods of the parsed ClientHello. The corresponding record is properly parsed but does not pass the list to the generated event. It is the only field not available to Bro scripts.
Attached patch addresses this by adding a parameter compr_methods: index_vec to the event. Tests have been updated accordingly.