Issue Is it possible to add query-string in error_log (ModSecurity)?

[Azurel]

In subscription error_log I found this kind of entries:

[Thu Apr 23 12:46:58.707718 2020] [:error] [pid 23156] [client 2600:.....:c6cb] ModSecurity:  [file "/etc/httpd/conf/modsecurity.d/rules/tortix/modsec/50_plesk_basic_asl_rules.conf"] [line "253"] [id "33340149"] [rev "152"] [msg "Protected by Atomicorp.com Basic Non-Realtime WAF Rules: Potential Cross Site Scripting Attack"] [data "shell:"] [severity "CRITICAL"] Access denied with code 403 (phase 2). Pattern match "(?:< ?i?frame ?src ?= ?(?:ogg|gopher|data|php|zlib|(?:ht|f)tps?):/|(?:\\\\.add|\\\\@)import |asfunction\\\\:|background-image\\\\:|e(?:cma|xec)script|\\\\.fromcharcode|get(?:parentfolder|specialfolder)|\\\\.innerhtml|\\\\< ?input|(?:/|<) ?(?:java|live|j|vb)script!s| ..." at REQUEST_URI. [hostname "www.example.com"] [uri "/path1/path2/"] [unique_id "Xq....AE"]

Without the query string, however, this is not very helpful to be able to look up what the attack was or even to be able to change some of your parameters because false positive.
Is here a setting to add query string behind "[uri ...]"?

 

[IgorG]

If I'm not mistaken, this is more a question for Atomic, not for Plesk. It's their ruleset.