From 686a74173ff1a7d3fbca777194643980bd278760 Mon Sep 17 00:00:00 2001
From: Marc Stern <marc.stern@approach-cyber.com>
Date: Wed, 7 Aug 2024 17:01:20 +0200
Subject: [PATCH] # Send some requests & check log format

---
 .github/workflows/ci.yml | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 0c32ce18..d4925d44 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -49,4 +49,14 @@ jobs:
         run: |
           sudo systemctl restart apache2.service
           sudo cat /var/log/apache2/error.log
-
+      - name: Check error.log
+        run: |
+          # Send requests & check log format
+          # Valid request
+          curl -s http://127.0.01/ > /dev/null || echo $?
+          # Invalid request
+          curl -s http://127.0.01/%2e%2f > /dev/null || echo $? 
+          # Check log format
+          grep -F ModSecurity < /var/log/apache2/error.log | grep -vP "^\[[^\]]+\] \[security2:[a-z]+\] \[pid [0-9]+:tid [0-9]+\] (?:\[client [0-9.:]+\] )?ModSecurity" || exit 0
+          # grep -v succeeded => found some lines with invalid format
+          exit 1