bitbucket.org/Aishee/synsec@v0.0.0-20210414005726-236fc01a153d/synsec-/config/patterns/modsecurity (about) 1 APACHEERRORTIME %{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{YEAR} 2 APACHEERRORPREFIX \[%{APACHEERRORTIME:timestamp}\] \[%{NOTSPACE:apacheseverity}\] (\[pid %{INT}:tid %{INT}\] )?\[client %{IPORHOST:sourcehost}(:%{INT:source_port})?\] (\[client %{IPORHOST}\])? 3 GENERICAPACHEERROR %{APACHEERRORPREFIX} %{GREEDYDATA:message} 4 MODSECPREFIX %{APACHEERRORPREFIX} ModSecurity: %{NOTSPACE:modsecseverity}\. %{GREEDYDATA:modsecmessage} 5 MODSECRULEFILE \[file %{QUOTEDSTRING:rulefile}\] 6 MODSECRULELINE \[line %{QUOTEDSTRING:ruleline}\] 7 MODSECMATCHOFFSET \[offset %{QUOTEDSTRING:matchoffset}\] 8 MODSECRULEID \[id %{QUOTEDSTRING:ruleid}\] 9 MODSECRULEREV \[rev %{QUOTEDSTRING:rulerev}\] 10 MODSECRULEMSG \[msg %{QUOTEDSTRING:rulemessage}\] 11 MODSECRULEDATA \[data %{QUOTEDSTRING:ruledata}\] 12 MODSECRULESEVERITY \[severity ["']%{WORD:ruleseverity}["']\] 13 MODSECRULEVERS \[ver "[^"]+"\] 14 MODSECRULETAGS (?:\[tag %{QUOTEDSTRING:ruletag0}\] )?(?:\[tag %{QUOTEDSTRING:ruletag1}\] )?(?:\[tag %{QUOTEDSTRING:ruletag2}\] )?(?:\[tag %{QUOTEDSTRING:ruletag3}\] )?(?:\[tag %{QUOTEDSTRING:ruletag4}\] )?(?:\[tag %{QUOTEDSTRING:ruletag5}\] )?(?:\[tag %{QUOTEDSTRING:ruletag6}\] )?(?:\[tag %{QUOTEDSTRING:ruletag7}\] )?(?:\[tag %{QUOTEDSTRING:ruletag8}\] )?(?:\[tag %{QUOTEDSTRING:ruletag9}\] )?(?:\[tag %{QUOTEDSTRING}\] )* 15 MODSECHOSTNAME \[hostname ['"]%{DATA:targethost}["']\] 16 MODSECURI \[uri ["']%{DATA:targeturi}["']\] 17 MODSECUID \[unique_id %{QUOTEDSTRING:uniqueid}\] 18 MODSECAPACHEERROR %{MODSECPREFIX} %{MODSECRULEFILE} %{MODSECRULELINE} (?:%{MODSECMATCHOFFSET} )?(?:%{MODSECRULEID} )?(?:%{MODSECRULEREV} )?(?:%{MODSECRULEMSG} )?(?:%{MODSECRULEDATA} )?(?:%{MODSECRULESEVERITY} )?(?:%{MODSECRULEVERS} )?%{MODSECRULETAGS}%{MODSECHOSTNAME} %{MODSECURI} %{MODSECUID}