Hello,
I'm not sure this is a mod_perl question per se, but I'm hoping there's
a mod_perl solution to our problem.
We currently use a 3rd party security company to do a nessus-type
security audit on our site for PCI compliance. Their scans naturally
generate a lot of noise in the error log, to the point that legitimate
site errors are lost in the forest. What I'm hoping to find / create is
some kind of mechanism that can pre-empt writing to the error log and
either 1) ideally, don't log if the client IP is xxx.xxx.xxx.xxx, or 2)
always log the client IP address with each error, which will enable us
to filter those out manually after the fact. Either solution is acceptable.
Apache provides a trivial solution for the access_log, in the form of:
SetEnvIf Remote_Addr xxx.xxx.xxx.* nolog
... however, that solution does not extend to the error log. I'm hoping
there's a mod_perl "hook" that can allow me to change apache's error
logging behaviour to what I need it to be.
Can someone point me in the right direction?