User Audit

Added in version 1.7.0.

User-audit configuration lets you tighten or relax audit behavior for one user without changing the server-wide auditor.

enable_protocol_inspection

optional, type: bool

Controls whether protocol inspection is enabled.

Protocol inspection is enabled for a request only when this is true and auditing is enabled on both the server side and the user side.

default: false

prohibit_unknown_protocol

optional, type: bool

Controls whether unknown protocols are blocked when protocol inspection is enabled.

default: false

prohibit_timeout_protocol

optional, type: bool

We need to read the initial data to check the protocol type, and we can set the timeout value via the data0_read_timeout config option in auditor protocol inspection config.

Controls whether the protocol should be blocked when inspection times out.

default: true

Added in version 1.9.1.

task_audit_ratio

optional, type: random ratio

Sampling ratio for task-level auditing, such as ICAP REQMOD and RESPMOD, on incoming user requests.

This setting also controls whether protocol inspection is actually enabled for a specific user request.

If set, this overrides the task audit ratio configured on the auditor.

default: not set, alias: application_audit_ratio

Added in version 1.7.4.