[mod-security-users] Logging

[<mj...@te...>]

I am seeing a lot of mod security logs written to the apache error_log.  I
have set the default logging method to be 'nolog,auditlog', but some of
the CRS rules are overwriting it (primarily the _60_correlation rules).

I looked at SecRuleUpdateActionById, but it seems to overwrite the entire
action.  I don't want to do that as I just want to change the logging
method (and not impact the rest of the rule which may break if future CRS
releases change the action).

Any ideas?

I am currently on mod security 2.6.5 and CRS 2.2.4.  I can't upgrade to
2.7 yet due dependency issues.

Thanks!