Open pieterlange opened 9 years ago
zimmerle
commented
9 years ago As you have cited that is on our TODO list, currently it is an experimental utility that may be handy for someone that is willing to spend some time on it. It is not tested on production system yet.
If you are interested to spent some time with the utility, also improving it, contact me at IRC, twitter or email.
celesteking
commented
5 years ago Well, neither of them (mlogc/ng) are ready for production, it seems. We're getting stuck processes and high cpu utilization of httpd procs beause of mlogc. Where do I actually open a bug for mlogc? I've got a core file ready.
zimmerle
commented
5 years ago Hi @celesteking,
Well, neither of them (mlogc/ng) are ready for production, it seems. We're getting stuck processes and high cpu utilization of httpd procs beause of mlogc. Where do I actually open a bug for mlogc? I've got a core file ready.
The right place would be the main ModSecurity repo: https://github.com/SpiderLabs/ModSecurity
Please search among the closed issue, one common problem that could lead to a crash was apr version mismatch.
I gave mlogc-ng an honest try after initially being very hesitant..
There's no documentation whatsoever, except for this little excerpt from mlogc-ng.c:
Some minimal usage instructions would be nice... i just want to be able to export my logs to JSON..or any format that's not modsec_audit's native format