[Test] Ensure `waf-enforcer` logs appear in security logs when sending logs to a syslog server when IPv6 is `disabled`

[shaun-nx]

Overview

The goal of this story is to confirm that, when I deploying NGINX Ingress Controller with NGINX AppProtect v5, logs from the waf-enforcer will appear in App Protect's security logs when logs are configured to send to a syslog server when IPv6 is disabled

Context

When configuring a VirtualServer with a WAF Policy, App Protect Security Logs can be configured to output logs to a syslog server
See our WAF Policy configuration for details on how we expose configuring security logs.

The latest release of AppProtect addresses a bug where logs from the waf-enforcer pod do not appear in the security logs when security logs are configured to send to a syslog server.

To enable the BD_MISC debug logs you just need to override/mount an /etc/app_protect/bd/logger.cfg file to the waf-enforcer container with the following contents:

MODULE=BD_MISC;
LOG_LEVEL=TS_INFO | TS_DEBUG;
FILE = 2;

MODULE = ALL;
LOG_LEVEL = TS_ERR | TS_CRIT | TS_WARNING | TS_NOTICE;
FILE=2;

Acceptance Criteria

• Confirm logs from the waf-enforcer appear in security logs when security logs are configured to send to a syslog server, and IPv6 is disabled at the in the kernel of the kubernetes host

[github-actions]

Hi @shaun-nx thanks for reporting!

Be sure to check out the docs and the Contributing Guidelines while you wait for a human to take a look at this 🙂

Cheers!