[mod-security-users] Logging
Brought to you by:
victorhora,
zimmerletw
From: <mj...@te...> - 2013-03-13 16:36:31
|
I am seeing a lot of mod security logs written to the apache error_log. I have set the default logging method to be 'nolog,auditlog', but some of the CRS rules are overwriting it (primarily the _60_correlation rules). I looked at SecRuleUpdateActionById, but it seems to overwrite the entire action. I don't want to do that as I just want to change the logging method (and not impact the rest of the rule which may break if future CRS releases change the action). Any ideas? I am currently on mod security 2.6.5 and CRS 2.2.4. I can't upgrade to 2.7 yet due dependency issues. Thanks! |