I'm trying to track down outdated cryptographic protocols and weak cipher suites still being used. I want to put this into a report that list the source and destination ip addresses, the protocol being used, and the cipher suites being used. The problem I'm running into is that both the protocol and the cipher suite get put into the same meta key (crypto). I need one or the other (I think) to go into a different key so I can have them both in the same row of the report. Am I overthinking this or missing something really simple here? Any help would be greatly appreciated!