ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
I have libapache2-mod-security2 2.9.7-1 installed on debian 12.
In the configuration file /etc/modsecurity/modsecurity.conf
Default SecAuditLogStorageDir = /opt/modsecurity/var/audit
and all logs are written together, regardless of vhost.
Is it possible to sort by vhost?
Hello.
I have libapache2-mod-security2 2.9.7-1 installed on debian 12. In the configuration file /etc/modsecurity/modsecurity.conf Default
SecAuditLogStorageDir = /opt/modsecurity/var/audit
and all logs are written together, regardless of vhost. Is it possible to sort by vhost?...
Then, as an option to expand the functionality, you can add variables:
so that you can create different options for log storage paths:
or
Thx.