Request Filter Logging

Discussion in 'General' started by melinite, Apr 23, 2009.

  1. melinite

    melinite Member

    Where do i view the logs entries?

    I have set log level 1 and server log level to debug, still no entries in log?
    Want to test SQL injection attack logs.

    Please advise.
  2. mistwang

    mistwang LiteSpeed Staff

    If you use Apache httpd.conf, you should change mod_security configuration there.
    If you configure filter rules natively, you can try setting log level to 9.
  3. melinite

    melinite Member

    Ok log level 9 works, but also floods the log files with all requests like this:

    2009-04-24 10:27:55.461 [INFO] [] no request variables, skip ruleset: SQL Injection attack

    Like 1000 log entries in 10 minutes.

    How to just log when an attack happens.

    Soon as I drop to level 8, only logs ALL requests that skip the ruleset.

    I'm using native filters from admin console.

    Please advise.
  4. mistwang

    mistwang LiteSpeed Staff

    Then you set debug log level to 0, only real attack blocked will be logged.
  5. melinite

    melinite Member

    Server Log level is set to Debug | Debug level none.

    Log level 9 on request filter floods logs still.

    Anything less than 9 on request filter log level and attacks don't get logged only skip ruleset notices which flood the log.

    Using ver 4.01

    I must be missing something.

    Please advise.

Share This Page