Can we remove these parts from logs?
55 views
Skip to first unread message
Blason R
Apr 6, 2024, 5:54:58 AMApr 6
to ModSecurity Core Rule Set project
Hi Team,
Wondering if I can remove below parts from logs? Or at least can we disable it?
"producer": {
"modsecurity": "ModSecurity v3.0.12 (Linux)",
"connector": "ModSecurity-nginx v1.0.3",
"secrules_engine": "DetectionOnly",
"components": [
"OWASP_CRS/3.3.5\""
Wondering if I can remove below parts from logs? Or at least can we disable it?
"producer": {
"modsecurity": "ModSecurity v3.0.12 (Linux)",
"connector": "ModSecurity-nginx v1.0.3",
"secrules_engine": "DetectionOnly",
"components": [
"OWASP_CRS/3.3.5\""
Christian Folini
Apr 6, 2024, 3:55:47 PMApr 6
to Blason R, ModSecurity Core Rule Set project
Hi there,
I do not think ModSec allows you to disable parts of the log file. If you want
to save some space, maybe filter it.
Christian
>
> --
> You received this message because you are subscribed to the Google Groups "ModSecurity Core Rule Set project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to modsecurity-core-rule-...@owasp.org.
> To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/modsecurity-core-rule-set-project/CAPPXLT8DgoykauABwvr8va3UrQNSoj_1adaYpTakKHRYrwYk8g%40mail.gmail.com.
to save some space, maybe filter it.
Christian
>
> --
> You received this message because you are subscribed to the Google Groups "ModSecurity Core Rule Set project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to modsecurity-core-rule-...@owasp.org.
> To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/modsecurity-core-rule-set-project/CAPPXLT8DgoykauABwvr8va3UrQNSoj_1adaYpTakKHRYrwYk8g%40mail.gmail.com.
Jozef Sudolsky
Apr 7, 2024, 2:56:20 AMApr 7
to modsecurity-core...@owasp.org
Hi,
i don't know of any way how to do it. You can probably remove only the
last line by commenting out SecComponentSignature in
REQUEST-901-INITIALIZATION.conf file.
azurit
Citát Blason R <blas...@gmail.com>:
i don't know of any way how to do it. You can probably remove only the
last line by commenting out SecComponentSignature in
REQUEST-901-INITIALIZATION.conf file.
azurit
Citát Blason R <blas...@gmail.com>:
Blason R
Apr 7, 2024, 12:40:57 PMApr 7
to Jozef Sudolsky, ModSecurity Core Rule Set project
Thanks folks let me try that out.
To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/modsecurity-core-rule-set-project/20240406124612.Horde.4x7FDBDzas0rY01JFQoYJMw%40webmail.inetadmin.eu.
Reply all
Reply to author
Forward
0 new messages