github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Checks if an assay is relevant to be saved as an auditlog

Browse Source
This commit is contained in:
Felipe Zimmerle 2015-07-03 15:21:38 -03:00
parent 0beae17b4f
commit fc622c27df
2 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/assay.cc
View File

@ -592,6 +592,9 @@ int Assay::processLogging() {
debug(4, "Starting phase LOGGING. (SecRules 5)"); debug(4, "Starting phase LOGGING. (SecRules 5)");
this->m_rules->evaluate(ModSecurity::LoggingPhase, this); this->m_rules->evaluate(ModSecurity::LoggingPhase, this);
/* If relevant, save this assay information at the audit_logs */
this->m_rules->audit_log->saveIfRelevant(this);
return 0; return 0;
} }

18
src/audit_log.cc
View File

@ -136,6 +136,24 @@ bool AuditLog::isRelevant(int status) {
bool AuditLog::saveIfRelevant(Assay *assay) { bool AuditLog::saveIfRelevant(Assay *assay) {
if (this->isRelevant(assay->http_code_returned) == false &&
assay->save_in_auditlog == false) {
return true;
}
/**
* Even if it is relevant, if it is marked not to be save,
* we won't save it.
*
*/
if (assay->do_not_save_in_auditlog == true) {
return true;
}
std::string log = logfy(assay);
m_writer->write(log);
return true; return true;
} }