diff --git a/CHANGES b/CHANGES
index 14e9a419..763cca3c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,8 @@
?? ??? 2007 - 2.5.0-trunk
-------------------------
+ * Added "logdata" meta action to allow safe logging of raw transaction data.
+
* Added TX_SEVERITY that keeps track of the highest severity
for any matched rules so far.
diff --git a/doc/modsecurity2-apache-reference.xml b/doc/modsecurity2-apache-reference.xml
index 9f61be2c..3c1b2998 100644
--- a/doc/modsecurity2-apache-reference.xml
+++ b/doc/modsecurity2-apache-reference.xml
@@ -2617,9 +2617,9 @@ SecRule XML "@validateDTD /opt/apache-frontend/conf/xml.dtd"
<literal moreinfo="none">RULE</literal>
This variable provides access to the id,rev,severity, and id, rev,
+ severity, logdata, and msg fields of the rule that triggered the
action. Only available for expansion in action strings (e.g.setvar:tx.varname=%{rule.id}). Example:
@@ -3780,6 +3780,28 @@ SecRule REQUEST_URI "^/cgi-bin/script\.pl" \
ModSecurity audit log.
+
+ <literal>logdata</literal>
+
+ Description: Allows logging a
+ data fragment.
+
+ Action Group: Metadata
+
+ Example:
+
+ SecRule &ARGS:p "@eq 0" "log,logdata:'%{TX.0}'"
+
+ Note
+
+ The logdata information appears in the error and/or audit log
+ files and is not sent back to the client in response headers. Macro
+ expansion is preformed so you may use variable names such as %{TX.0},
+ etc. The information is properly escaped for use with logging binary
+ data.
+
+