I'm not able to get sanitizeMatchedBytes to work for RESPONSE_BODY and want to confirm that this should actually work.

I'm using the rule from the documentation:

SecRule RESPONSE_BODY "@verifyCC \d{13,16}" "phase:4,t:none,log,capture,block,msg:'Potential credit card number is response body',sanitiseMatchedBytes:0/4"

and I see the rule "fire" but it has all the credit card info intact.

When I turn on debug I see this:

sanitizeMatched: Don't know how to handle variable: RESPONSE_BODY

and when I look at the code it doesn't look like there is any logic to sanitize the response body in msc_logging.c.

Before I go forward with trying to add this functionality I wanted to make sure that I wasn't missing something obvious....