Can we remove these parts from logs?

71 views
Skip to first unread message

Blason R

unread,
Apr 6, 2024, 5:54:58 AMApr 6
to ModSecurity Core Rule Set project
Hi Team,

Wondering if I can remove below parts from logs? Or at least can we disable it?

"producer": {
"modsecurity": "ModSecurity v3.0.12 (Linux)",
"connector": "ModSecurity-nginx v1.0.3",
"secrules_engine": "DetectionOnly",
"components": [
"OWASP_CRS/3.3.5\""

Christian Folini

unread,
Apr 6, 2024, 3:55:47 PMApr 6
to Blason R, ModSecurity Core Rule Set project
Hi there,
I do not think ModSec allows you to disable parts of the log file. If you want
to save some space, maybe filter it.

Christian

>
> --
> You received this message because you are subscribed to the Google Groups "ModSecurity Core Rule Set project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to modsecurity-core-rule-...@owasp.org.
> To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/modsecurity-core-rule-set-project/CAPPXLT8DgoykauABwvr8va3UrQNSoj_1adaYpTakKHRYrwYk8g%40mail.gmail.com.

Jozef Sudolsky

unread,
Apr 7, 2024, 2:56:20 AMApr 7
to modsecurity-core...@owasp.org
Hi,

i don't know of any way how to do it. You can probably remove only the
last line by commenting out SecComponentSignature in
REQUEST-901-INITIALIZATION.conf file.

azurit




Citát Blason R <blas...@gmail.com>:

Blason R

unread,
Apr 7, 2024, 12:40:57 PMApr 7
to Jozef Sudolsky, ModSecurity Core Rule Set project
Reply all
Reply to author
Forward
0 new messages