Currently i am running with Nginx Ingress Controller in kubernetes and Modsecurity enabled with the below Ingress Snippet, And what is intended by these configs are :
Detecting Only
Logging everything as STDOUT instead of a local file in the POD
Logging as JSON
Config:
SecRuleEngine DetectionOnly
SecAuditEngine RelevantOnly
SecAuditLogParts AB
SecAction "id:900110, phase:1, nolog, pass, t:none, setvar:tx.inbound_anomaly_score_threshold=100, setvar:tx.outbound_anomaly_score_threshold=100"
Include /etc/nginx/owasp-modsecurity-crs/nginx-modsecurity.conf
SecAuditLog /dev/stdout
SecDebugLog /dev/stdout
SecAuditLogType Serial
SecAuditLogFormat JSON
The problem Statement:
It keeps logging in a local file instead of STDOUT ( /var/log/modsec_audit.log )
There is no any log indicating an issue in the configurations
Currently i am running with Nginx Ingress Controller in kubernetes and Modsecurity enabled with the below Ingress Snippet, And what is intended by these configs are :
Config:
The problem Statement:
Resources Versions: