Dear All,

Greetings from Greece. I am a newbie in mod_security 2.x so please bear with me...
I am trying to understand in detail the different audit log parts.
For example in my log file I have:

--b1820656-A--
[29/Dec/2008:23:12:29 +0100] xU3lkMMYTucAAGNDUFwAAAAY 85.114.141.195 2703 197.24.69.139 80

What do all these parts mean ? What are the two IP addresses and what the number between them represent ?

I tried to search for it in the manual but all it says is that the A part is the audit log header and that is mandatory. It also explains the --b1820656-A-- part but not what is inside (at least I could not find it).

Is there any extensive documentation on the log format, what the different parts mean and if we can modify them ?

It is very important for me as some IPs are asking for some weird things from my server.

I thank you all so much for your help

Best regards to all
Ioannis