Adds section "H" to serial audit log

Felipe Zimmerle 2016-12-16 00:06:48 -03:00
parent 2d29740ca4
commit 317808fe54
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
3 changed files with 26 additions and 5 deletions


@ -52,7 +52,8 @@ class RuleMessage {
std::string errorLog(Transaction *trans);
std::string disruptiveErrorLog(Transaction *trans, std::string log2);
std::string noClientErrorLog(Transaction *trans);
std::string errorLogTail(Transaction *trans);
std::string m_match;
std::string m_ruleFile;
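Review bot: The two new declarations `noClientErrorLog` and `errorLogTail` have no comment saying which part of the error-log line each one produces, and the names alone do not make it clear that `errorLog` is now the concatenation of a client prefix and these two. I would add a one-line comment above each, for example `// Rule message without the leading "[client ...]" prefix; also used for audit log part H.` and `// Trailing "[hostname ...] [uri ...] [unique_id ...]" fields of the error log line.`. The class body continues outside this hunk.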


@ -53,11 +53,11 @@ std::string RuleMessage::disruptiveErrorLog(Transaction *trans,
return modsecurity::utils::string::toHexIfNeeded(msg);
}
std::string RuleMessage::errorLog(Transaction *trans) {
std::string RuleMessage::noClientErrorLog(Transaction *trans) {
std::string msg;
msg.append("[client " + std::string(trans->m_clientIpAddress) + "]");
msg.append(" ModSecurity: Warning. ");
msg.append("ModSecurity: Warning. ");
msg.append(m_match);
msg.append(" [file \"" + std::string(m_ruleFile) + "\"]");
msg.append(" [line \"" + std::to_string(m_ruleLine) + "\"]");
@ -73,7 +73,14 @@ std::string RuleMessage::errorLog(Transaction *trans) {
for (auto &a : m_tags) {
msg.append(" [tag \"" + a + "\"]");
}
msg.append(" [hostname \"" + std::string(trans->m_serverIpAddress) \
return modsecurity::utils::string::toHexIfNeeded(msg);
}
std::string RuleMessage::errorLogTail(Transaction *trans) {
std::string msg;
msg.append("[hostname \"" + std::string(trans->m_serverIpAddress) \
+ "\"]");
msg.append(" [uri \"" + trans->m_uri_no_query_string_decoded + "\"]");
msg.append(" [unique_id \"" + trans->m_id + "\"]");
@ -81,4 +88,14 @@ std::string RuleMessage::errorLog(Transaction *trans) {
return modsecurity::utils::string::toHexIfNeeded(msg);
}
std::string RuleMessage::errorLog(Transaction *trans) {
std::string msg;
msg.append("[client " + std::string(trans->m_clientIpAddress) + "] ");
msg.append(noClientErrorLog(trans));
msg.append(" " + errorLogTail(trans));
return msg;
}
} // namespace modsecurity
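Review bot: In the rebuilt `errorLog()` the `[client ...]` prefix is appended to the returned string directly, so the client address no longer passes through `toHexIfNeeded`. Before this change it was part of the `msg` returned through that call. `noClientErrorLog()` and `errorLogTail()` each encode their own part, so only the prefix is affected. Whether `m_clientIpAddress` can ever carry non-printable bytes depends on the connector and is not visible here, but keeping the old guarantee costs one call: `msg.append("[client " + modsecurity::utils::string::toHexIfNeeded(std::string(trans->m_clientIpAddress)) + "] ");`. Part of the `noClientErrorLog()` body lies between the hunks and is not shown.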


@ -1436,6 +1436,9 @@ std::string Transaction::toOldAuditLogFormat(int parts,
}
if (parts & audit_log::AuditLog::HAuditLogPart) {
audit_log << "--" << trailer << "-" << "H--" << std::endl;
for (auto a : m_rulesMessages) {
audit_log << a.noClientErrorLog(this) << std::endl;
}
audit_log << std::endl;
/** TODO: write audit_log H part. */
}
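Review bot: The new loop `for (auto a : m_rulesMessages)` copies every rule message, including its strings and tag list, each time an audit record is written. Binding by reference avoids that: `for (auto &a : m_rulesMessages) {` (not `const auto &`, since `noClientErrorLog` is not declared `const` in the header hunk). This assumes `toOldAuditLogFormat` is itself non-const, which the hunk does not show. The remaining `/** TODO: write audit_log H part. */` now reads as if nothing were written; it should say what is still missing from part H. The function starts outside this hunk.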