[Owasp-modsecurity-core-rule-set] [JIRA] Resolved: (CORERULES-67) Unique Request ID
Ryan Barnett (JIRA)
rbarnett at trustwave.com
Mon Mar 21 14:12:28 EDT 2011
[ https://www.modsecurity.org/tracker/browse/CORERULES-67?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ryan Barnett resolved CORERULES-67.
A new variable that holds the mod_uniqueid data (UNIQUE_ID) was created for v2.6 -
> Unique Request ID
> Key: CORERULES-67
> URL: https://www.modsecurity.org/tracker/browse/CORERULES-67
> Project: Core Rules
> Issue Type: Improvement
> Security Level: Normal
> Environment: All
> Reporter: Colin Watson
> Assignee: Ryan Barnett
> Priority: Wish
> Could ModSecurity CRS create a unique (sequential?) ID for each and every request per virtual host/site, and add this to the X-WAF headers? This could then be used as a request identifier to correlate information in ModSecurity logs and actions, with other security event data (e.g. in application logs) where there may be more than one event per request.
> The IDs would be needed for static as well as dynamic content requests, whether or not there was some sort of error, or not. For example, a not found error for an image file, and a page request using an unsupported request method, would both have IDs.
This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: https://www.modsecurity.org/tracker/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the Owasp-modsecurity-core-rule-set