concurrent logging files empty #1547
Comments
adamjacobmuller
changed the title
|
Make sure you have YAJL support enabled, otherwise the logs file will be empty. |
|
https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#secauditlogformat Does this option no longer exist at all for ModSecurity 3 with the only option being for json-format logging? |
|
Hi @adamjacobmuller This option is available on the latest version. You can choose between JSON and old native format. Also, you can compile libModSecurity to support the JSON. Just install the yajl developer packages and re-compile libModSecurity. The compilation process should detect the developer packages and enable the support by default. |
|
hi @zimmerle, I'm not even seeing the keyword SecAuditLogFormat in the source for v3/master, should I be using another branch? |
Hello,
We are running ModSecurity@1edd3570e11e9bb2b6d86b249232b24917a4b0ac and ModSecurity-nginx@abbf2c47f6f3205484a1a9db618e067dce213b89 with nginx 1.13.1.
I'm attaching the rule set + modsecurity configuration as well.
From the
SecAuditLog:The files that appear are all zero bytes, which modsecurity appears to understand/expect as it says its writing 0 bytes and the md5 hash is d41d8... (the md5 hash of an empty string).
rules.zip
The text was updated successfully, but these errors were encountered: