User Audit
Added in version 1.7.0.
User-audit configuration lets you tighten or relax audit behavior for one user without changing the server-wide auditor.
enable_protocol_inspection
optional, type: bool
Controls whether protocol inspection is enabled.
Protocol inspection is enabled for a request only when this is true and
auditing is enabled on both the server side and the user side.
default: false
prohibit_unknown_protocol
optional, type: bool
Controls whether unknown protocols are blocked when protocol inspection is enabled.
default: false
prohibit_timeout_protocol
optional, type: bool
We need to read the initial data to check the protocol type, and we can set the timeout value via the data0_read_timeout config option in auditor protocol inspection config.
Controls whether the protocol should be blocked when inspection times out.
default: true
Added in version 1.9.1.
task_audit_ratio
optional, type: random ratio
Sampling ratio for task-level auditing, such as ICAP REQMOD and
RESPMOD, on incoming user requests.
This setting also controls whether protocol inspection is actually enabled for a specific user request.
If set, this overrides the task audit ratio configured on the auditor.
default: not set, alias: application_audit_ratio
Added in version 1.7.4.