Macro expansion
You can include data from variables or collections in log messages or when you initialize other variables. This is called macro expansion, and is done by enclosing the variable or collection name in a percent sign and curly braces:
SecAction setenv:ADDR=%{REMOTE_ADDR}
It is important to note that when specifying a collection field in an action list you need to separate the collection name from the field name with a dot and not a colon:
SecRule "test" "log,msg:%{TX.0}"
Macro expansion is not currently supported in all circumstances (for example, the append and prepend actions currently don't support macro expansion).
