Its a 2 days and cannot even break the log into section .
My log is down below.
[Wed Sep 05 11:45:56.601060 2018] [:error] [pid 5303:tid 140044044035840] [client 192.168.1.3:51297] [client 192.168.1.3] ModSecurity: Warning. Matched phrase "bin/bash" at ARGS:exec. [file "/usr/share/modsecurity-crs/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "503"] [id "932160"] [msg "Remote Command Execution: Unix Shell Code Found"] [data "Matched Data: bin/bash found within ARGS:exec: /bin/bash"] [severity "CRITICAL"] [ver "OWASP_CRS/3.1.0"] [tag "application-multi"] [tag "language-shell"] [tag "platform-unix"] [tag "attack-rce"] [tag "OWASP_CRS/WEB_ATTACK/COMMAND_INJECTION"] [tag "WASCTC/WASC-31"] [tag "OWASP_TOP_10/A1"] [tag "PCI/6.5.2"] [hostname "192.168.1.4"] [uri "/index.html"] [unique_id "W490nPk6P93iw-4gBOMpLAAAAA8"]
fields i need are marked in bold.
can any one help me with a example configuration file for filtering.?