Re: [Mod-security-developers] ModSecurity version 2.9.1-rc1 announcement
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] ModSecurity version 2.9.1-rc1 announcement
|
From: Christian F. <chr...@ne...> - 2016-03-03 05:06:57
|
Good morning, Following up on yesterday's community meeting, I have more detailed info on the JSON audit log failure on 2.9.1-rc1. The problem is real. Details below. If you need more info, Felipe, I'll be glad to help out. Ahoj, Christian ----------------------------------------------------------------------- The error message (on launch): AH00526: Syntax error on line 110 of /apache/conf/httpd.conf_problem_... Invalid command 'SecAuditLogFormat', perhaps misspelled or defined by a module not included in the server configuration -> it dies The OS Release: Ubuntu 14.04.4 LTS \n \l Apache build: Server version: Apache/2.4.18 (Unix) Server built: Mar 3 2016 05:25:21 ./configure --prefix=/opt/apache-2.4.18 \ --with-apr=/usr/local/apr/bin/apr-1-config \ --with-apr-util=/usr/local/apr/bin/apu-1-config \ --enable-mpms-shared=event \ --enable-mods-shared=all \ --enable-nonportable-atomics=yes yajl version: ii libyajl2:amd64 2.0.4-4 ... ModSecurity: ModSecurity for Apache/2.9.1-RC1 (http://www.modsecurity.org/) ./configure --with-apxs=/apache/bin/apxs./configure \ --with-apxs=/apache/bin/apxs \ --with-apr=/usr/local/apr/bin/apr-1-config \ --with-pcre=/usr/bin/pcre-config \ --enable-request-early Apache config: ... SecRuleEngine On SecRequestBodyAccess On SecRequestBodyLimit 10000000 SecRequestBodyNoFilesLimit 64000 SecResponseBodyAccess On SecResponseBodyLimit 10000000 SecTmpDir /tmp/ SecDataDir /tmp/ SecUploadDir /tmp/ SecDebugLog /apache/logs/modsec_debug.log SecDebugLogLevel 3 SecAuditEngine RelevantOnly SecAuditLogRelevantStatus "^(?:5|4(?!04))" SecAuditLogParts ABIJEFHKZ SecAuditLogType Concurrent SecAuditLog /apache/logs/modsec_audit.log SecAuditLogStorageDir /apache/logs/audit/ SecAuditLogFormat JSON |
