Blocked Requests not logged in Debug mode Level 1 #179

Open
jeremyjpj0916 opened this issue Feb 14, 2020 · 7 comments
Labels: nostale, question, work-in-progress


jeremyjpj0916 commented Feb 14, 2020

As per documentation, these are the valid values for debug levels (0 to 9, excluding 6-8):
https://www.feistyduck.com/library/modsecurity-handbook-free/online/ch04-logging.html

| Debug log level | Description |
|---|---|
| 0 | No logging |
| 1 | Errors (e.g., fatal processing errors, blocked transactions) |
| 2 | Warnings (e.g., nonblocking rule matches) |
| 3 | Notices (e.g., nonfatal processing errors) |
| 4 | Handling of transactions and performance |
| 5 | Detailed syntax of the rules |
| 6–8 | Not used |
| 9 | Detailed information about transactions (e.g., variable expansion and setting of variables) |

Working confirmed numbers (does output logs):
0, 9, 5, 4

Not Working numbers:
1

Unsure of the best way to cause these, so skipped them for now: 2, 3

Audit log logic helps supplement the 1 use case generally (will also be raising a separate issue on that), but I still think it would be right and proper for level 1 to log errors in debug if documentation presents it like that (and maybe for audit vs debug log cross comparison for extra analysis).

Log level 4 supposedly helps with getting performance numbers too, but in reviewing logs I see no logging to indicate performance of evaluated rules. Might it be that NGINX integration is not as feature complete as integrations with other webservers in v3?

Version: Master branch right now of the ngx connector + libmodsec 3.0.4

@zimmerle
Contributor

Hi @jeremyjpj0916,

What are you trying to achieve? I am not familiar with the references that you have quoted.

@zimmerle zimmerle self-assigned this Feb 17, 2020
@jeremyjpj0916
Author

Howdy @zimmerle, hope your day is going well. Trying to achieve this:

https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v2.x%29#secdebugloglevel

On log level 1:

The possible values for the debug log level are:

0: no logging
1: errors (intercepted requests) only
2: warnings
3: notices
4: details of how transactions are handled
5: as above, but including information about each piece of information handled
9: log everything, including very detailed debugging information

Currently intercepted requests do not get logged into the SecDebugLog file (https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v2.x%29#secdebuglog) at debug log level 1.

@github-actions

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days

@github-actions github-actions bot added the stale label Mar 19, 2020
@jeremyjpj0916
Author

still a thing

@victorhora victorhora added nostale The label to apply when an issue is exempt from being marked stale and removed stale labels Apr 7, 2020
Contributor

victorhora commented Apr 7, 2020

The "nostale" tag has been set for this one and it's now reopened. We'll get to it when possible. Thank you.

@victorhora victorhora reopened this Apr 7, 2020
Contributor

zimmerle commented Jul 3, 2020

Hi @jeremyjpj0916,

This reference manual is specific to version 2.x; some of that information is no longer valid for v3.0. Is the information that you are looking for in any other LogLevel?


github-actions bot commented Aug 3, 2020

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days
