perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael A. Capone" <mcap...@cablewholesale.com>
Subject Filter out error log by IP address?
Date Thu, 28 Jan 2010 06:52:05 GMT
Hello,

I'm not sure this is a mod_perl question per se, but I'm hoping there's 
a mod_perl solution to our problem.

We currently use a 3rd party security company to do a nessus-type 
security audit on our site for PCI compliance.  Their scans naturally 
generate a lot of noise in the error log, to the point that legitimate 
site errors are lost in the forest.  What I'm hoping to find / create is 
some kind of mechanism that can pre-empt writing to the error log and 
either 1) ideally, don't log if the client IP is xxx.xxx.xxx.xxx, or 2) 
always log the client IP address with each error, which will enable us 
to filter those out manually after the fact.  Either solution is acceptable.

Apache provides a trivial solution for the access_log, in the form of:

    SetEnvIf Remote_Addr xxx.xxx.xxx.* nolog

... however, that solution does not extend to the error log.  I'm hoping 
there's a mod_perl "hook" that can allow me to change apache's error 
logging behaviour to what I need it to be.

Can someone point me in the right direction?

Mime
View raw message