Open vukitoso opened 6 months ago
Hi @vukitoso,
I can consider this is a feature request.
Beside you sent requests like this, please keep it mind that this module is not ready for production.
Then, as an option to expand the functionality, you can add variables: $vhost $year $month $day $hour $minute $second $ID - some kind of unique identifier that is added to the end of the log name
so that you can create different options for log storage paths: /opt/modsecurity/var/audit/$vhost/$year-$month-$day/$hour-$minute-$second-$ID.log /opt/modsecurity/var/audit/site.com/2024-03-31/11-51-03-ZgkZYEAFt1ApFkqHlmHjUgAAAAE.log or /opt/modsecurity/var/audit/$vhost/$year-$month/$day/$hour-$minute-$second-$ID.log /opt/modsecurity/var/audit/site.com/2024-03/31/11-51-03-ZgkZYEAFt1ApFkqHlmHjUgAAAAE.log
Beside you sent requests like this, please keep it mind that this module is not ready for production.
I have the package "libapache2-mod-security2" installed on debian 12. This module is built from https://github.com/owasp-modsecurity/ModSecurity-apache?
This module is built from https://github.com/owasp-modsecurity/ModSecurity-apache?
No. This module is built from https://github.com/owasp-modsecurity/ModSecurity, but from the branch v2/master.
Thank you, that means I wrote in the wrong place. Sorry.
Hello. Default SecAuditLogStorageDir = /opt/modsecurity/var/audit and all logs are written together, regardless of vhost. Is it possible to sort by vhost?
/opt/modsecurity/var/audit/site1.com/ /opt/modsecurity/var/audit/site2.com/ ...
Thx.