Computes auditlog during rules load time

2025-11-19 10:44:25 +03:00 · 2020-06-03 20:57:27 -03:00
parent bf3a1d84ff
commit c38051324d
18 changed files with 197 additions and 92 deletions
--- a/test/test-cases/regression/config-secdefaultaction.json
+++ b/test/test-cases/regression/config-secdefaultaction.json
@@ -272,11 +272,14 @@
    },
    "expected":{
      "audit_log":"",
-      "debug_log":"Request was relevant to be saved.",
+      "debug_log":"Saving this request as part of the audit logs",
      "http_code": 302
    },
    "rules":[
      "SecRuleEngine On",
+      "SecAuditEngine On",
+      "SecAuditLogStorageDir /tmp/test",
+      "SecAuditLogType Parallel",
      "SecDefaultAction \"phase:2,log,auditlog,status:302,redirect:'http://www.google.com'\"",
      "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"phase:2,id:1,block\"",
      "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none,block\""