Re: [mod-security-users] ModSecurity phase timing
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] ModSecurity phase timing
|
From: Felipe C. <FC...@tr...> - 2018-03-26 15:52:43
|
Hi, > On 3/23/18, 5:29 PM, "Christian Folini" <chr...@ne...> wrote: > > Hey Zimmerle, > > That makes sense, but I think it does not hold up when you look closer. > Why do you think so? > Correct me if I am wrong, but correlating stap with an individual request > is much more difficult than saving the perf-data out of ModSec directly > into the access-log (Apache / ModSec 2.9) or error-log (NGINX / ModSec 3.0). IMHO it is easy as there is no file to be parsed. (…) Br., Felipe “Zimmerle” Costa Security Researcher, Lead Developer ModSecurity. Trustwave | SMART SECURITY ON DEMAND www.trustwave.com <http://www.trustwave.com/> |
