This instructs the filter what to do with the transaction's audit log.
requestHeadersOnly
bool
If set, the body will not be buffered and fed to ModSecurity. Only the headers will. This can help improve perforance.
responseHeadersOnly
bool
regressionLogs
bool
log in a format suited for the OWASP regression tests. this format is a multiline log format, so it is disabled for regular use. do not enable this in production!
This instructs the filter what to do with the transaction's audit log.
requestHeadersOnly
bool
If set, the body will not be buffered and fed to ModSecurity. Only the headers will. This can help improve perforance.
responseHeadersOnly
bool
RuleSet
Field
Type
Label
Description
ruleStr
string
String of rules which are added directly
files
[]string
repeated
Array of files to include
directory
string
A directory to include. all *.conf files in this directory will be included. sub directories will NOT be checked.
AuditLogging.AuditLogAction
Name
Number
Description
NEVER
0
Never generate audit logs.
RELEVANT_ONLY
1
When set to RELEVANT_ONLY, this will have similar behavior to SecAuditEngine RelevantOnly.
ALWAYS
2
Always generate an audit log entry (as long as the filter is not disabled).
AuditLogging.AuditLogLocation
Name
Number
Description
FILTER_STATE
0
Add the audit log to the filter state. it will be under the key “io.solo.modsecurity.audit_log”. You can use this formatter in the access log: %FILTER_STATE(io.solo.modsecurity.audit_log)%
DYNAMIC_METADATA
1
Add the audit log to the dynamic metadata. it will be under the filter name “io.solo.filters.http.modsecurity”. with “audit_log” as the key. You can use this formatter in the access log: %DYNAMIC_METADATA(io.solo.filters.http.modsecurity:audit_log)%
