Re: [mod-security-users] SecGuardianLog per virtual host?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] SecGuardianLog per virtual host?
|
From: Linh Vu <vu...@ph...> - 2006-02-28 22:49:04
|
Thanks for clearing that up. I get it now. Cheers, Linh Ivan Ristic wrote: >Linh Vu wrote: > > >>Hi, >> >>Thanks for your reply. I currently have 1 AuditLog at httpd.conf level >>to log all virtual hosts. I take it that if I add SecGuardianLog >>/path/to/httpd-guardian at that same level, it will scan every request >>that gets logged in AuditLog and act accordingly? >> >> > > The idea is to send information about *every* request to the > guardian log. > > > > >>I'm confused by this >>paragraph in httpd-guardian script: >> >># NOTE: In order for this script to be effective it must be able to >># see all requests coming to the web server. This will not happen >># if you are using per-virtual host logging. In such cases either >># use the ModSecurity 1.9 SecGuardianLog directive (which was designed >># for this very purpose). >> >>So does "per-virtual host logging" here refer to the Audit Log? >> >> > > No, it refers to the case when you are using this facility without > ModSecurity. In that case you will need to ensure all requests are > sent to httpd-guardian. > > If you are using ModSecurity - it does that for you. > > > > >>Which >>means that if I have multiple AuditLogs for the virtual hosts, >>SecGuardianLog won't be effective, right? >> >> > > No, audit log and guardian log are not related. > > > -- ----------------------------------------------- Linh Vu - Web/DB and Systems Support officer School of Physics, The University of Melbourne Office: 8344 8093 Email: vu...@ph... ----------------------------------------------- |
