Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: SecAuditLogDir, removes mention of SecAuditLogStorageDir #1167

Merged
merged 2 commits into from
Oct 6, 2024
Merged

docs: SecAuditLogDir, removes mention of SecAuditLogStorageDir #1167

merged 2 commits into from
Oct 6, 2024

Conversation

M4tteoP
Copy link
Member

@M4tteoP M4tteoP commented Oct 5, 2024
edited
Loading

Address https://owasp.slack.com/archives/C02BXH135AT/p1727977719979589.

Users relying on the documentation website are still facing misleading content related to ModSec. As far as I understood, SecAuditLogStorageDir does not exist in Coraza, in favor of SecAuditLogDir. This PR:

  • Adds a description of SecAuditLogDir in order to make it appear on the website.
  • Removes mentions of SecAuditLogStorageDir.

Was there a specific reason to omit SecAuditLogDir from the doc, or we just missed it?

We can still implement SecAuditLogStorageDir as an alias if we feel it is needed.

M4tteoP
M4tteoP commented Oct 5, 2024
View reviewed changes
internal/seclang/directives.go
@@ -611,8 +611,6 @@ func directiveSecCollectionTimeout(options *DirectiveOptions) error {
// or the concurrent logging index file (concurrent logging format).
// Syntax: SecAuditLog [ABSOLUTE_PATH_TO_LOG_FILE]
// ---
// When used in combination with mlogc (only possible with concurrent logging), this
Copy link
Member Author

@M4tteoP M4tteoP Oct 5, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm missing the context here, is mlogc something that can be used with Coraza? All the information I found over the web makes me think that it is a leftover and mlogc is very related to Modsec.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You are right. Mlogc doesn't work, but the JSON logging is way more powerful

@M4tteoP M4tteoP marked this pull request as ready for review October 5, 2024 18:24
@M4tteoP M4tteoP requested a review from a team as a code owner October 5, 2024 18:24
@M4tteoP M4tteoP merged commit 84521d3 into main Oct 6, 2024
6 checks passed
@M4tteoP M4tteoP deleted the doc_conc_logs branch October 6, 2024 09:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fzipi fzipi fzipi left review comments

@jcchavezs jcchavezs jcchavezs approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@M4tteoP @fzipi @jcchavezs