86 Commits

Author SHA1 Message Date
Ervin Hegedus
3f8d21c4b1
Revert "Centralized function to get user name" 2024-02-07 23:08:06 +01:00
Marc Stern
063fc9f5c8
Update msc_logging.c 2023-08-18 16:54:19 +02:00
martinhsv
8f04f44b09
Merge pull request #2046 from arminabf/segfault-with-assigned-user
segfault with assigned user id on OpenShift
2022-11-23 14:20:25 -08:00
Nao YONASHIRO
774ff40c96
fix: care non-null terminated chunk data 2019-05-27 10:29:01 -03:00
Armin Abfalterer
46c6cb2759 use uid if user name is not available 2019-03-13 13:11:24 +01:00
Victor Hora
1adea9f1e8
Merge pull request #1714 from p0pr0ck5/sanitize-json 2018-11-12 19:45:38 -05:00
Victor Hora
a3dc602128 ju5t patch to fix mpm-itk mod_ruid2 compatibility 2018-10-12 21:20:40 -04:00
Robert Paprocki
8d4124eee2 Enable sanitizing JSON request bodies in native audit log format
f86de56 enabled sanitizing JSON request body data in JSON audit
log formats (the commit message is misleading). This commit supplements
JSON request body sanitization to support sanitized elements in
native audit log formats.
2018-03-20 11:35:40 -07:00
florian-eichelberger
f86de566d1
Enables sanitizing of json request bodies in the apache module for native log format 2018-02-05 09:36:45 -03:00
Marc Stern
89764f12b0
Fixed typos: LOG_NO_STOPWATCH instead of DLOG_NO_STOPWATCH $log_server_context instead of $log_server_context 2017-09-29 18:34:30 +00:00
Felipe Zimmerle
d6bd0badc5
Cosmetics: fix #1400 indentation and help message 2017-05-08 16:01:37 -03:00
Marc Stern
70322304f2
{dis|en}able-server-context-logging: Option to disable logging of server info (log producer, sanitized objects, ...) in audit log. 2017-05-08 15:36:58 -03:00
Felipe Zimmerle
3e9e4b39cc
Cosmetics changes top of #1402 2017-05-02 17:14:06 -03:00
Marc Stern
7246998f09
Adds option to disable logging of stopwatches in audit log. 2017-05-02 17:11:58 -03:00
Marc Stern
d7383c39dd
Option to disable logging of dechunking 2017-05-02 11:09:42 -03:00
Marc Stern
7b86d8c51d
Extends a7731c by adding JSON support 2017-04-26 16:38:12 -03:00
Felipe Zimmerle
3de0dfc5fd
Cosmetics: fix #1381 indentation 2017-04-26 16:04:31 -03:00
Marc Stern
d1376c5525
Adds option to disable logging of Apache handler in audit log 2017-04-26 16:03:58 -03:00
Marc Stern
9244cd9824
Option to disable logging of "Server" in audit log when log level < 9. [Issue #1070 - Marc Stern] 2017-04-10 12:13:55 -03:00
Robert Paprocki
a34f9eb785
Append a newline to concurrent JSON audit logs 2016-10-20 09:43:22 -03:00
Robert Paprocki
2b4ece14c6
Remove logdata and msg fields from JSON audit log rule elements
Writing macro-expanded strings to JSON elements during the post-logging
phase can be misleading, because it's possible that variable contents
(such as MATCHED_VAR) could have changed after the rule match, altering
their expected contents. Writing macro-expanded audit data really only
makes sense when the macros are expanded immediately following the
rule match. See issue #1174 for more details.
2016-10-04 09:31:25 -03:00
Chaim sanders
947cef7c8c
Adapted patch from 977 to fix status failing to report in Nginx auditlogs 2016-07-11 13:32:56 -03:00
Robert Paprocki
f2ef2017f1
Fix file upload JSON audit log entry
Each uploaded file is a separate yajl array, but we forgot to open
a map for the proper k/v pairs.

This fixes issue #1173.
2016-07-11 12:14:37 -03:00
Felipe Zimmerle
a157ac2946 Fix compilation issue on "pedantic" compilers 2016-02-03 10:37:24 -03:00
Robert Paprocki
ddc25dbbaa Fix 'is_chained' value for final rule in chain
'is_chained' should be true for an actionset when the is_chained
member of the struct is true, or when its rule has a valid
chain_starter member.
2016-01-29 11:59:52 -03:00
Robert Paprocki
5bc75ec871 Do not compile in JSON logging support if yajl is not found 2016-01-29 11:59:52 -03:00
Robert Paprocki
0c95a7a2cd Clean up JSON rule writer
* Escape rule actionset metadata
* Escape and truncate logdata
* Lazily add actionset tags as an array
* Add negated rule op_param
* Add unparsed rule representation
2016-01-29 11:59:52 -03:00
Robert Paprocki
8559399ebd Update JSON structure for matched rules
Create a separate map for each matched rule chain,
making it easier to identify chains in which only a portion
of rules actually matched.
2016-01-29 11:59:52 -03:00
Robert Paprocki
7a39b4b5b9 Make JSON audit logging a configurable option
Remove compile-time setting for generating audit logs
as JSON, creating a new config option (SecAuditLogFormat).
sec_audit_logger is now a wrapper for sec_audit_logger_json
or sec_audit_logger_native. This has the disadvantage of
making the audit log generation code harder to maintain,
but the logger function itself now is no longer peppered
with binary branches.
2016-01-29 11:59:52 -03:00
Robert Paprocki
dd79bea0b4 Additional updates for JSON logging
* Write Stopwatch2 values into a separate map
* Remove legacy Stopwatch
* Proper sanitization of request/response headers
* Lazily open maps for keys that may not have content
2016-01-29 11:59:52 -03:00
Robert Paprocki
7b2ca1617e first pass at JSON logging implementation 2016-01-29 11:59:52 -03:00
Felipe Zimmerle
966e7e1ff1 Adds verification before accessing the strcmp
Audit log was making the assumption that "arg->origin" was filled which
is not necessarily true. This commit adds a verification.
2014-03-31 16:22:09 -07:00
Ewald Dieterich
7e459827e0 Log why writing to audit log failed
Add error description from apr_strerror() to message that is logged if
writing to audit log failed.
2014-03-31 07:14:55 -07:00
Ewald Dieterich
607dfd229a Fix segmentation fault if writing to audit log fails
A segmentation fault occurs if concurrent audit log format is enabled
(SecAuditLogType Concurrent) and writing to the log fails.
2014-03-31 07:14:55 -07:00
Breno Silva
aa18ec7f45 Updated copyright dates 2013-04-19 03:20:46 -04:00
Breno Silva
ce3cf00a2c Fixed byte conversion issue during logging under zlinux 2012-10-31 17:05:41 -04:00
brenosilva
0d2307192c MODSEC-336 2012-10-05 18:03:58 +00:00
brenosilva
866cb6d6b4 Update trunk for 2.7 2012-05-10 23:18:39 +00:00
brenosilva
b19f32bb3e Make clean and maintainer-clean removes unused files, also add # when rule chain doesn't match 2011-04-29 19:05:48 +00:00
brenosilva
f468224a40 Change log_escape_nq to log_escape 2011-04-27 16:40:08 +00:00
brenosilva
6b7edc4d47 Fixes, code cleanups, improvements 2011-04-27 15:58:22 +00:00
brenosilva
cf97731cc0 Fix logging MATCHED_VARS issue 2011-04-25 19:46:33 +00:00
brenosilva
4c6419cf74 Remove extra debug msg for log section K 2011-04-14 18:12:56 +00:00
brenosilva
9cd2efd97a Added extra debug msg for log section K 2011-04-12 21:25:14 +00:00
brenosilva
025d41f71f Added extra debug msg for log section K 2011-04-12 20:53:37 +00:00
brenosilva
5bfb2973e8 Change rule comparing to log section K 2011-04-12 20:06:28 +00:00
brenosilva
6ea5cba17b Move version() to mod_security2 2011-04-12 13:53:33 +00:00
brenosilva
0d32c17c30 Memory pool fixes and code cleanup 2011-04-03 03:57:02 +00:00
brenosilva
6031e7fdae Improvements, bug fixes and cleanup from Tom Donavan 2011-04-02 23:10:16 +00:00
brenosilva
104f0de46e New License 2011-03-30 14:12:44 +00:00