[modsecurity] Update documentation#17410
Merged
theletterf merged 16 commits intoelastic:mainfrom Feb 25, 2026
Merged
Conversation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Contributor
Vale Linting ResultsSummary: 9 warnings, 5 suggestions found
|
| File | Line | Rule | Message |
|---|---|---|---|
| packages/modsecurity/_dev/build/docs/README.md | 69 | Elastic.Latinisms | Latin terms and abbreviations are a common source of confusion. Use 'and so on' instead of 'etc'. |
| packages/modsecurity/_dev/build/docs/README.md | 69 | Elastic.Latinisms | Latin terms and abbreviations are a common source of confusion. Use 'and so on' instead of 'etc'. |
| packages/modsecurity/_dev/build/docs/README.md | 91 | Elastic.Latinisms | Latin terms and abbreviations are a common source of confusion. Use 'and so on' instead of 'etc'. |
| packages/modsecurity/docs/README.md | 69 | Elastic.Latinisms | Latin terms and abbreviations are a common source of confusion. Use 'and so on' instead of 'etc'. |
| packages/modsecurity/docs/README.md | 69 | Elastic.Latinisms | Latin terms and abbreviations are a common source of confusion. Use 'and so on' instead of 'etc'. |
| packages/modsecurity/docs/README.md | 91 | Elastic.Latinisms | Latin terms and abbreviations are a common source of confusion. Use 'and so on' instead of 'etc'. |
| packages/modsecurity/docs/README.md | 188 | Elastic.Latinisms | Latin terms and abbreviations are a common source of confusion. Use 'using' instead of 'via'. |
| packages/modsecurity/docs/knowledge_base/service_info.md | 65 | Elastic.Latinisms | Latin terms and abbreviations are a common source of confusion. Use 'and so on' instead of 'etc'. |
| packages/modsecurity/docs/knowledge_base/service_info.md | 87 | Elastic.Latinisms | Latin terms and abbreviations are a common source of confusion. Use 'and so on' instead of 'etc'. |
💡 Suggestions (5)
| File | Line | Rule | Message |
|---|---|---|---|
| packages/modsecurity/_dev/build/docs/README.md | 3 | Elastic.WordChoice | Consider using 'can, might' instead of 'may', unless the term is in the UI. |
| packages/modsecurity/_dev/build/docs/README.md | 91 | Elastic.Semicolons | Use semicolons judiciously. |
| packages/modsecurity/docs/README.md | 3 | Elastic.WordChoice | Consider using 'can, might' instead of 'may', unless the term is in the UI. |
| packages/modsecurity/docs/README.md | 91 | Elastic.Semicolons | Use semicolons judiciously. |
| packages/modsecurity/docs/knowledge_base/service_info.md | 87 | Elastic.Semicolons | Use semicolons judiciously. |
The Vale linter checks documentation changes against the Elastic Docs style guide.
To use Vale locally or report issues, refer to Elastic style guide for Vale.
ilyannn
added
documentation
Replace Latin term "via" with "using"/"through" and "see" with "get" per Elastic docs style guide. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add ModSecurity v2 for Apache (v2.9.x) to compatibility section - Soften Part K exclusion from "must"/"CRITICAL" to recommendation - Clarify event.original requires preserve_original_event enabled - Fix inconsistent SecAuditLogParts in troubleshooting section Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Reflects factual corrections in service_info.md: - Compatibility section now notes v2 Apache test coverage - Part K exclusion softened to recommendation - Validation step clarifies event.original requires opt-in - Consistent SecAuditLogParts across setup and troubleshooting Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Remove two Gemini-generated AI disclaimers not present in other integration docs. Replace "via" with "using" per Elastic style guide. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Align troubleshooting recommendation with setup section. Part H (audit trailer) contains useful action and timing data. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Remove link to this same integration doc page and generic Elastic Agent Troubleshooting link from vendor documentation sections. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
🚀 Benchmarks reportTo see the full report comment with |
… vendor sections The Apache support was added in PR elastic#3363 for ModSecurity v2 (2.9.x), not v3 with the Apache connector. Updated compatibility to reflect what is actually tested. Removed duplicate vendor resource sections and circular self-referencing links. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
Pinging @elastic/integration-experience (Team:Integration-Experience) |
mjwolf
reviewed
Feb 19, 2026
Contributor
mjwolf
left a comment
mjwolf
left a comment
There was a problem hiding this comment.
This looks good! Thanks for working on it.
There's just one list that should be removed. It was a mistake in the generator that it was added
Co-authored-by: Michael Wolf <michael.wolf@elastic.co>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
💚 Build Succeeded
History
cc @ilyannn |
jrmolin
approved these changes
Feb 24, 2026
Contributor
jrmolin
left a comment
jrmolin
left a comment
There was a problem hiding this comment.
please fix the reasonable vale recommendations
Contributor
Author
Which ones do you consider reasonable? I think I already fixed everything I could. |
Member
|
Most of those are false positives we need to fix in the Vale rules. We can disregard. |
theletterf
approved these changes
Feb 25, 2026
6 tasks
|
Package modsecurity - 1.23.0 containing this change is available at https://epr.elastic.co/package/modsecurity/1.23.0/ |
Member
|
Alas, we don't accept |
navnit-elastic
pushed a commit
to navnit-elastic/integrations
that referenced
this pull request
Mar 2, 2026
* [modsecurity] Update documentation Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update changelog PR link to elastic#17410 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix Vale linting warnings in modsecurity docs Replace Latin term "via" with "using"/"through" and "see" with "get" per Elastic docs style guide. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Update modsecurity service_info.md with factual corrections - Add ModSecurity v2 for Apache (v2.9.x) to compatibility section - Soften Part K exclusion from "must"/"CRITICAL" to recommendation - Clarify event.original requires preserve_original_event enabled - Fix inconsistent SecAuditLogParts in troubleshooting section Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Regenerate modsecurity docs from corrected knowledge base Reflects factual corrections in service_info.md: - Compatibility section now notes v2 Apache test coverage - Part K exclusion softened to recommendation - Validation step clarifies event.original requires opt-in - Consistent SecAuditLogParts across setup and troubleshooting Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove AI disclaimers and fix Vale style violations Remove two Gemini-generated AI disclaimers not present in other integration docs. Replace "via" with "using" per Elastic style guide. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Add validated AI-assisted disclaimer to modsecurity docs Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Use consistent SecAuditLogParts ABFHJZ across docs Align troubleshooting recommendation with setup section. Part H (audit trailer) contains useful action and timing data. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove 'Note that' from compatibility section Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove self-referential and misplaced links from docs Remove link to this same integration doc page and generic Elastic Agent Troubleshooting link from vendor documentation sections. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix compatibility: list v2 for Apache instead of v3, remove duplicate vendor sections The Apache support was added in PR elastic#3363 for ModSecurity v2 (2.9.x), not v3 with the Apache connector. Updated compatibility to reflect what is actually tested. Removed duplicate vendor resource sections and circular self-referencing links. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Review feedback Co-authored-by: Michael Wolf <michael.wolf@elastic.co> * Rebuild docs to remove generated use-case list Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Michael Wolf <michael.wolf@elastic.co>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
service_info.mdknowledge base with reviewed, fact-checked integration detailselastic-package update documentationto follow the new template structuredocs_structure_enforcedvalidationBreaking Changes in Docs
Compared to the previous docs, we:
modsec-audit.jsonfile name in examples rather thanmodsec_audit.jsonSecAuditLogType Serialas criticalABFHJZparts as an example (wasABDEFHIJZpreviously)Kibana rendering
Note the code in numbered list looks like this but this apparently how our rendering works (perhaps we should reduce the indent of code in the lists in this case?). GitHub does not like this formatting either.
Test plan
elastic-package checkpasses (tested with both system and dev builds)service_info.mdground truthCloses https://github.com/elastic/integration-experience/issues/456
🤖 These documentation changes have been largely GenAI-generated as per our protocol. Additionally, Claude Code was used for factual review and as a harness for editing/commit/PR generation under our editorial supervision.