-
Notifications
You must be signed in to change notification settings - Fork 284
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Blocked Requests not logged in Debug mode Level 1 #179
Comments
Hi @jeremyjpj0916, What you are trying to achieve? I am not familiar with the references that you have quoted. |
Howdy @zimmerle, hope your day is going well. Trying to achieve this: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v2.x%29#secdebugloglevel On log level 1:
Currently intercepted requests do not get logged into the https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v2.x%29#secdebuglog file at debug log level 1. |
This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days |
still a thing |
The "nostale" tag has been set for this one and it's now reopened. We'll get to it when possible. Thank you. |
Hi @jeremyjpj0916, This reference manual is specific for version 2.x, some of that information is no longer valid for v3.0; Is the information that you are looking for is in any other LogLevel? |
This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days |
As per documentation, these are the valid values for debug levels (0 to 9, excluding 6-8):
https://www.feistyduck.com/library/modsecurity-handbook-free/online/ch04-logging.html
Working confirmed numbers(does output logs):
0,9,5,4
Not Working numbers:
1
Unsure best way to cause these so skipped them for now: 2,3
Audit log logic helps supplement the 1 use case generally(will also be raising a separate issue on that) but I still think it would be right and proper for level 1 to log errors in debug if documentation presents it like that(and maybe for audit vs debug log cross comparison for extra analysis).
Log level 4 supposedly helps with getting performance numbers too but In reviewing logs I see no logging to indicate performance of evaluated rules. Might it be that NGINX integration is not as feature complete as integrations with other webservers in v3?
Version: Master branch right now of the ngx connector + libmodsec 3.0.4
The text was updated successfully, but these errors were encountered: