Did you just install mod_security or restart apache?
Do you want to make sure that mod_security is working? Well, if you have installed the CRS, then you are in luck! Here is a simple way to test operation.
First, set up a tail -f on whatever file you have mod_security logging violations/alerts to.
Next, from another linux box that has wget installed, run this command:
wget -O – -U “webtrends security analyzer” https://rp.vitamix.com
Finally, back in the audit log, you should see an alert logged. This is because the user agent “webtrends securiy analyzer” is blocked by CRS.