Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Audit logs in proxy-wasm logs #263

Merged
merged 10 commits into from
Jul 18, 2024
+67 −7
Merged

feat: Audit logs in proxy-wasm logs #263

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
0667cef
implements auditlogs as info logs
M4tteoP Mar 25, 2024
a385e97
TINYGO_VERSION and recommended/demo
M4tteoP Mar 25, 2024
a620f32
adds serial_writer_go
M4tteoP Mar 25, 2024
42923fd
fix test registering serial writer
M4tteoP Mar 26, 2024
9cb6fd0
JSON added to recommended, SecAuditLog for default Serial writer
M4tteoP Mar 28, 2024
ec56bc5
enforces prefix, comments in recommended confs
M4tteoP Apr 1, 2024
cf8f47b
nit: naming
M4tteoP Apr 2, 2024
ebd88d7
fix: adds workaround for SecAuditLogRelevantStatus and default deny a…
M4tteoP Jul 16, 2024
07d99b1
revert workaround, points to Coraza master with fix
M4tteoP Jul 18, 2024
776444b
nit: removes leftover
M4tteoP Jul 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion wasmplugin/rules/coraza-demo.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -222,7 +222,8 @@ SecDebugLogLevel 3
# level response status codes).
#
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus "^(?:(5|4)(0|1)[0-9])$"
# SecAuditLogRelevantStatus includes status 0 as a workaround for https://github.com/corazawaf/coraza/pull/1097
SecAuditLogRelevantStatus "^(?:(5|4)(0|1)[0-9]|0)$"

# Log everything we know about a transaction.
SecAuditLogParts ABIJDEFHZ
Expand Down
3 changes: 2 additions & 1 deletion wasmplugin/rules/coraza.conf-recommended.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -221,7 +221,8 @@ SecResponseBodyLimitAction ProcessPartial
# level response status codes).
#
SecAuditEngine Off
SecAuditLogRelevantStatus "^(?:(5|4)(0|1)[0-9])$"
# SecAuditLogRelevantStatus includes status 0 as a workaround for https://github.com/corazawaf/coraza/pull/1097
SecAuditLogRelevantStatus "^(?:(5|4)(0|1)[0-9]|0)$"

# Log everything we know about a transaction.
SecAuditLogParts ABIJDEFHZ
Expand Down
Loading