Checks if an assay is relevant to be saved as an auditlog

src/assay.cc

@@ -592,6 +592,9 @@ int Assay::processLogging() {
     debug(4, "Starting phase LOGGING. (SecRules 5)");
     this->m_rules->evaluate(ModSecurity::LoggingPhase, this);
 
+    /* If relevant, save this assay information at the audit_logs */
+    this->m_rules->audit_log->saveIfRelevant(this);
+
     return 0;
 }
 

src/audit_log.cc

@@ -136,6 +136,24 @@ bool AuditLog::isRelevant(int status) {
 
 
 bool AuditLog::saveIfRelevant(Assay *assay) {
+    if (this->isRelevant(assay->http_code_returned) == false &&
+        assay->save_in_auditlog == false) {
+        return true;
+    }
+
+    /**
+     * Even if it is relevant, if it is marked not to be save,
+     * we won't save it.
+     *
+     */
+    if (assay->do_not_save_in_auditlog == true) {
+        return true;
+    }
+
+    std::string log = logfy(assay);
+
+    m_writer->write(log);
+
     return true;
 }