Just download KALI Linux (or similar) and run a few Web-based attacks against your server (you can easily Google a few how-to videos). Your error log should lit-up with mod security records. Analyze the logs. i.e.: (analyze the logs)
1) Make sure to run the test-attack against your server only
2) Run it from different IP than your's. Some hosting companies trying to prevent their users from pentesting their own servers/sites (which makes no sense to me)