github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,701 Commits 55 Branches 109 Tags
Commit Graph

76 Commits

Author SHA1 Message Date
Felipe Zimmerle
d6bd0badc5
Cosmetics: fix #1400 indentation and help message 2017-05-08 16:01:37 -03:00
Marc Stern
70322304f2
{dis|en}able-server-context-logging: Option to disable logging of server info (log producer, sanitized objects, ...) in audit log. 2017-05-08 15:36:58 -03:00
Felipe Zimmerle
3e9e4b39cc
Cosmetics changes top of #1402 2017-05-02 17:14:06 -03:00
Marc Stern
7246998f09
Adds option to disable logging of stopwatches in audit log. 2017-05-02 17:11:58 -03:00
Marc Stern
d7383c39dd
Option to disable logging of dechunking 2017-05-02 11:09:42 -03:00
Marc Stern
7b86d8c51d
Extends a7731c by adding JSON support 2017-04-26 16:38:12 -03:00
Felipe Zimmerle
3de0dfc5fd
Cosmetics: fix #1381 indentation 2017-04-26 16:04:31 -03:00
Marc Stern
d1376c5525
Adds option to disable logging of Apache handler in audit log 2017-04-26 16:03:58 -03:00
Marc Stern
9244cd9824
Option to disable logging of "Server" in audit log when log level < 9. [Issue #1070 - Marc Stern] 2017-04-10 12:13:55 -03:00
Robert Paprocki
a34f9eb785
Append a newline to concurrent JSON audit logs 2016-10-20 09:43:22 -03:00
Robert Paprocki
2b4ece14c6
Remove logdata and msg fields from JSON audit log rule elements 
Writing macro-expanded strings to JSON elements during the post-logging
phase can be misleading, because it's possible that variable contents
(such as MATCHED_VAR) could have changed after the rule match, altering
their expected contents. Writing macro-epanded audit data really only
makes sense when the macros are expanded immediately following the
rule match. See issue #1174 for more details.
 2016-10-04 09:31:25 -03:00
Chaim sanders
947cef7c8c
Adapted patch from 977 to fix status failing to report in Nginx auditlogs 2016-07-11 13:32:56 -03:00
Robert Paprocki
f2ef2017f1
Fix file upload JSON audit log entry 
Each uploaded file is a separate yajl array, but we forgot to open
the a map for the proper k/v pairs.

This fixes issue #1173.
 2016-07-11 12:14:37 -03:00
Felipe Zimmerle
a157ac2946 Fix compilation issue on "pedantic" compilers 2016-02-03 10:37:24 -03:00
Robert Paprocki
ddc25dbbaa Fix 'is_chained' value for final rule in chain 
'is_chained' should be true for an actionset when the is_chained
member of the struct is true, or when its rule has a valid
chain_starter member.
 2016-01-29 11:59:52 -03:00
Robert Paprocki
5bc75ec871 Do not compile in JSON logging support if yajl is not found 2016-01-29 11:59:52 -03:00
Robert Paprocki
0c95a7a2cd Clean up JSON rule writer 
* Escape rule actionset metadata
* Escape and truncate logdata
* Lazily add actionset tags as an array
* Add negated rule op_param
* Add unparsed rule representation
 2016-01-29 11:59:52 -03:00
Robert Paprocki
8559399ebd Update JSON structure for matched rules 
Create a separate map for each matched rule chain,
making it easier to identify chains in which only a portion
of rules actually matched.
 2016-01-29 11:59:52 -03:00
Robert Paprocki
7a39b4b5b9 Make JSON audit logging a configurable option 
Remove compile-time setting for generating audit logs
as JSON, creating a new config option (SecAuditLogFormat).
sec_audit_logger is now a wrapper for sec_audit_logger_json
or sec_audit_logger_native. This has the disadvantage of
making the audit log generation code harder to maintain,
but the logger function itself now is no longer pepper
with binary branches.
 2016-01-29 11:59:52 -03:00
Robert Paprocki
dd79bea0b4 Additional updates for JSON logging 
* Write Stopwatch2 values into a separate map
* Remove legacy Stopwatch
* Proper sanitization of request/response headers
* Lazily open maps for keys that may not have content
 2016-01-29 11:59:52 -03:00
Robert Paprocki
7b2ca1617e first pass at JSON logging implementation 2016-01-29 11:59:52 -03:00
Felipe Zimmerle
966e7e1ff1 Adds verification before access the strcmp 
Audit log was making the assumption that "arg->origin" was filled which
is not necessary true. This commit adds an verification.
 2014-03-31 16:22:09 -07:00
Ewald Dieterich
7e459827e0 Log why writing to audit log failed 
Add error description from apr_strerror() to message that is logged if
writing to audit log failed.
 2014-03-31 07:14:55 -07:00
Ewald Dieterich
607dfd229a Fix segmentation fault if writing to audit log fails 
A segmentation fault occurs if concurrent audit log format is enabled
(SecAuditLogType Concurrent) and writing to the log fails.
 2014-03-31 07:14:55 -07:00
Breno Silva
aa18ec7f45 Updated copyright dates 2013-04-19 03:20:46 -04:00
Breno Silva
ce3cf00a2c Fixed byte conversion issue during logging under zlinux 2012-10-31 17:05:41 -04:00
brenosilva
0d2307192c MODSEC-336 2012-10-05 18:03:58 +00:00
brenosilva
866cb6d6b4 Update trunk for 2.7 2012-05-10 23:18:39 +00:00
brenosilva
b19f32bb3e Make clean and maintainer-clean removes unused files, also add # when rule chain doenst match 2011-04-29 19:05:48 +00:00
brenosilva
f468224a40 Change log_escape_nq to log_escape 2011-04-27 16:40:08 +00:00
brenosilva
6b7edc4d47 Fixes, code cleanups, improvements 2011-04-27 15:58:22 +00:00
brenosilva
cf97731cc0 Fix logging MATCHED_VARS issue 2011-04-25 19:46:33 +00:00
brenosilva
4c6419cf74 Remove extra debug msg for log section K 2011-04-14 18:12:56 +00:00
brenosilva
9cd2efd97a Added extra debug msg for log section K 2011-04-12 21:25:14 +00:00
brenosilva
025d41f71f Added extra debug msg for log section K 2011-04-12 20:53:37 +00:00
brenosilva
5bfb2973e8 Change rule comparing to log section K 2011-04-12 20:06:28 +00:00
brenosilva
6ea5cba17b Move version() to mod_security2 2011-04-12 13:53:33 +00:00
brenosilva
0d32c17c30 Memory pool fixes and code cleanup 2011-04-03 03:57:02 +00:00
brenosilva
6031e7fdae Improvements, bug fixes and cleanup from Tom Donavan 2011-04-02 23:10:16 +00:00
brenosilva
104f0de46e New License 2011-03-30 14:12:44 +00:00
brenosilva
49732256f6 Improvements, fixes and new features 2011-03-25 13:51:13 +00:00
brenosilva
8b52a7d1e2 MODSEC-173 2011-03-11 17:34:18 +00:00
brenosilva
3c53fe5beb Add ifdef when print lua version 2011-02-17 17:26:22 +00:00
brenosilva
7f52d86e4b Include data edition, sanitizematched and few fixes 2011-02-14 12:49:55 +00:00
brenosilva
fdded33831 MODSEC-60 2011-01-12 15:45:46 +00:00
brenosilva
8907f66f3f MODSEC-127 2011-01-09 14:23:00 +00:00
brenosilva
549f059480 move 2.5.13 into trunk 2010-12-08 18:58:18 +00:00
b1v1r
3a10f9fb8d Fix autoconf header and include path so trunk builds. 2010-08-31 18:35:55 +00:00
b1v1r
08edc0c26f Merge 2.5.x (2.5.12) changes into trunk. 2010-02-05 19:05:20 +00:00
ivanr
221af6f5c1 Add PERF_ALL, sepearate PERF_STORAGE into PERF_SREAD and PERF_SWRITE. 2010-02-01 12:10:28 +00:00