On Thu, Oct 24, 2013 at 1:06 PM, Winfried Neessen <neessen@cleverbridge.com> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Josh,

this is my setting: SecAuditLogRelevantStatus "^(?:5|4(?!04))"


Hi Winfried,

Can you verify the HTTP response code that is triggering the event? Assuming its a 401, can you try updating your SecAuditLogRelevantStatus directive to:

SecAuditLogRelevantStatus "^(?:5|4(?:0[14]))"

--
 - Josh
 
This is ok and intended, but I was assuming, when I add a whitelist rule,
with "allow" and "nolog"
that it would not log anything else.

Any ideas?

Thanks
Winni

From: Josh Amishav-Zlatin [mailto:jamuse@owasp.org]
Sent: Wednesday, October 23, 2013 8:23 PM
To: mod-security-users@lists.sourceforge.net
Subject: Re: [mod-security-users] Keep modsecurity from logging Apache
Errors

On Wed, Oct 23, 2013 at 6:03 PM, Winfried Neessen <neessen@cleverbridge.com>
wrote:
- -----BEGIN PGP SIGNED MESSAGE-----


I've set up the whitelist rule with "nolog" action, but still these are
getting logged. Is there a way to
avoid this?

Hi Winfried,

What is your SecAuditLogRelevantStatus directive set to?

- --
 - Josh


Thanks
Winfried

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (MingW32)
Comment: Using gpg4o v3.1.107.3564 - http://www.gpg4o.de/
Charset: utf-8

iQGcBAEBAgAGBQJSZ+U7AAoJEHA9PkTtvSL4+T8L/0wj4xJ0/iMgJq6u1E+Nrj2C
//EZXkvzDhgbaK3i/wUbvTfk2C7IRK4dmqibw0jPpc94vu7fkY1kYm3GUDPP39pQ
cpC2qSiAZFv9qz2Hlf5dFCfLpsJc0QEgVdJN5gUdZTwTuovxJ7KUzioZ+fNuYeQS
I/OnfQn79b4ePZqY8vc3DQLX5dIl2lb1kplE/tzSDdGuFGnpiYVBUhnYQCjop3k6
HBAeKxSIqFIgyGhpXUJyrvBsT+Qsm7GG9Nrn/o5Q4mNPKvtVqPvBVwTCdM1ehN2h
SyTUTG1CNZNi7qKte/mvaXpRkstKHmQOIZ4jxI1ER2so/Y2XrCOdLYy5cNXs7xrf
1kZAGTLkQf9pAquW6xfa+F6CAIFxuboz5Lv5tpMPHo+3ogTTpp7UCf+y3vnl6xkc
zYSTzGq2HcN4HYlHhfb9rTgACAohB9CFhOVEpAl/CuXlPkBSbNYxK4kC4KZR6P0w
KxZHflFz3FJCd7lgoQ2ZiifJ3f5E3WXURCR4CFbDpA==
=2fY8
- -----END PGP SIGNATURE-----

- ------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most
from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60135991&iu=/4140/ostg.clktrk
_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (MingW32)
Comment: Using gpg4o v3.1.107.3564 - http://www.gpg4o.de/
Charset: utf-8

iQGcBAEBAgAGBQJSaPEPAAoJEHA9PkTtvSL4WEML/ROCgHkjfUSLiViBPTSvieLW
9zs9PuV9ZsNynY8XtqvS05AnqjPdb/0oxU67XVETl007Vfb02aDX3Fg6OWhnOVc0
A+ZkD67DtOgPjI3ZotfVFoVz0lffBDQ4lI8cIFXRxcZ2ag3wdi2gXsnqnJ6EWv9X
F9lNUVsA9GHGUAdenoiIRpYlMxdAmjOHqgSrSUOTCNBWKSgOkiVOUv1CoPn534Oa
YB4R1MlbZjf26ywKnOyvs+P8Z905uANOgMP+1BNoxsqb4SMvYowkhoYK9qpphY8W
HTQXS0VNkZYr/+TI+FQETUxvhBGv39QF1t7yNx0wcXUvaXa4G1U/WxEy7+KlqgNP
kY7dD5Dh04FR2DW650Rf27J1H2WTxK1DRKIbhBQk+l45xqmSAnD+ZmQHYOHBHQAv
3QKZA0KwJ3IjMu6xBjeb4pYmbeVslkWJcfpURR34bSs4vO0lBRS4mxYOwG/+agou
FYWEocaA+oeEW5lPHjbwFjh8AIpZQBns0p4RbrvwOA==
=QFhK
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60135991&iu=/4140/ostg.clktrk
_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/