1[
2  {
3    "enabled":1,
4    "version_min":300000,
5    "version_max":0,
6    "title":"SecComponentSignature",
7    "client": {
8      "ip": "200.249.12.31",
9      "port": 2313
10    },
11    "server": {
12      "ip": "200.249.12.31",
13      "port": 80
14    },
15    "request": {
16      "headers": {
17        "Host": "www.modsecurity.org",
18        "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
19        "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
20        "Accept-Language": "en-us,en;q=0.5",
21        "Accept-Encoding": "gzip,deflate",
22        "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
23        "Keep-Alive": "300",
24        "Connection": "keep-alive",
25        "Pragma": "no-cache",
26        "Cache-Control": "no-cache"
27      },
28      "uri": "\/test.pl?param1=   test   &param2=test2",
29      "method": "GET",
30      "http_version": 1.1,
31      "body": ""
32    },
33    "response": {
34      "headers": {
35        "Content-Type": "plain\/text\n\r"
36      },
37      "body": [
38        "test"
39      ]
40    },
41    "expected":{
42      "audit_log":"",
43      "debug_log":".*",
44      "error_log":"",
45      "http_code": 403
46    },
47    "rules":[
48      "SecRuleEngine On",
49      "SecComponentSignature \"OWASP_CRS/2.2.9\"",
50      "SecRule ARGS \"@contains test\" \"id:1,t:trim,deny,status:403,auditlog\""
51    ]
52  }
53]
54