How does one output all JA3/JA3S Hashes calculated by Suricata from a PCAP file

Hello, I am working to write effective rules that will fire on TLS Server/Client Hello pairings. I am generating my own traffic based on various exploitation frameworks. Is there a way to output the JA3/JA3S hashes that are identified when running Suricata against a PCAP file, so that I can write rules to pivot off of them?

Suricata Version: 6.0.3
Architecture: Kali Linux (Debian)

I can attach my config and a pcap (if needed).

Yes. Enable the tls logging and ja3 parsing in the config.
This should probably be yes

The TLS logger needs to be enabled

Thank you. I have configured suricata.yaml to reflect these changes. I assume that this will be output in eve-log? Thank you again for your help.

Depends on how you have configured your logging, but barring any major changes than yes it should be in eve.json. Try it out.

I got everything to work perfectly. We have a sensor in a honeypot environment, and will be writing detections based on the hashes we find there. Thank you for all of your help!