-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding ModSecurity parameter for audit log format. #2583
base: main
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM but see inline comment for some doc improvements. Thank!
@@ -36,6 +36,7 @@ | |||
|
|||
$modsec_audit_log_parts = 'ABIJDEFHZ' | |||
$modsec_audit_log_type = 'Serial' | |||
$modsec_audit_log_format = 'Native' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Don't put the default value in params.pp
@@ -143,6 +146,7 @@ | |||
String $audit_log_relevant_status = '^(?:5|4(?!04))', | |||
String $audit_log_parts = $apache::params::modsec_audit_log_parts, | |||
String $audit_log_type = $apache::params::modsec_audit_log_type, | |||
Enum['Native', 'JSON'] $audit_log_format = $apache::params::modsec_audit_log_format, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Put the default value here instead.
That way, the default value is correctly documented in the generated documentation.
@@ -32,6 +32,9 @@ | |||
# | |||
# @param audit_log_type | |||
# Defines the type of audit logging mechanism to be used. | |||
# | |||
# @param audit_log_format | |||
# Defines what format the logs should be written in. Accepts `Native` and `JSON`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No need to list accepted values, as the documentation include the data type (and the default value).
Summary
Adds a parameter to set the audit log format to
JSON
https://github.com/owasp-modsecurity/ModSecurity/wiki/Reference-Manual-(v2.x)#user-content-SecAuditLogFormat
Additional Context
Since as of the current version of ModSecurity, this can only have two values
Native
andJSON
, andNative
is default, I decided only add the line if someone specifically sets the value toJSON
. This means it shouldn't touch any existing config, especially on versions where this parameter may not exist.Checklist
puppet apply
)