Open Xakiadalisabad opened 3 weeks ago
Hi @Xakiadalisabad,
have you tried to put the directive into the vhost context where you want to have an own audit.log?
You didn't mention what version you use. If you use Apache, you can do:
<VirtualHost *:80>
...
SecAuditLog /var/log/nginx/other-vhost-modsec_audit.log
...
</VirtualHost>
If you use libmodsecurity3 and Nginx, you can try:
server {
...
modsecurity_rules '
SecAuditLog /var/log/nginx/other-vhost-modsec_audit.log
';
}
If you use Apache, you can automate things with modmacro, like <Macro VHostName $name> ServerName $name SecAuditLog /var/log/httpd/audit$name.log [...]
I would like to provide a log file separately for each user and their website. Is there a chance to do this using variables SecAuditLog?