Load Balancer + Client IP + Logging :: X-Forwarded-For header?


Colin Harrington

Oct 25, 2010, 4:48:34 PM
to groo...@googlegroups.com
So in a load-balanced environment, how do folks log a user's IP address? Some of our logging has the Load Balancer's IP, but I'd like to have the end client's IP in our logs.

The request.getRemoteAddr() is returning the Load Balancer's IP. I've located the X-Forwarded-For header and we should have that available. How do people log clients' IP addresses behind a load balancer? Also, do you guys log session IDs as well? What does your log4j configuration look like then?

Colin Harrington
colin.ha...@gmail.com

Jesse O'Neill-Oine

Oct 25, 2010, 5:09:00 PM
to groo...@googlegroups.com
I think in our app we were able to configure the load balancer (HAProxy) to send the client IP instead. We've since switched to using Amazon ELB, so it works differently now, but I'd look into proxy config first.

Jesse

Dan Tanner

Oct 25, 2010, 5:11:43 PM
to groo...@googlegroups.com
With BigIP, at least as of a few years ago and with the network dude I
worked with, he added a script to add the user's real IP to the
header. So it was some custom header field that I grabbed and logged
- not the expected original field name...maybe things have improved
since then. I then logged it across all requests via a filter.
Sounds like it might be a good serverfault question?

Colin Harrington

Oct 25, 2010, 5:53:05 PM
to groo...@googlegroups.com
I don't think that spoofing/forwarding the IP from the load balancer is going to meet our security requirements.

Good idea, I may start a thread there or on Stack Overflow.
I found how to configure the Tomcat access logs to include this header:
http://www.techstacks.com/howto/configure-access-logging-in-tomcat.html
and also found a conversion pattern for Log4j:
http://code.google.com/p/gwt-log/source/browse/trunk/Log/clientserverdemo/log4j.xml?r=499

Looks like I'd have to add my own filter & conversion pattern to add the actual client IP and session ID.

Giving it a try..

Colin Harrington
colin.ha...@gmail.com

Colin Harrington

Nov 4, 2010, 12:42:53 PM
to groo...@googlegroups.com
I was able to get this to work:

A filter that puts something (the X-Forwarded-For header) on the MDC, and a %X{xforwardedfor} added to the log4j pattern.

Beware of log hijacking...

Thanks again guys!

Colin Harrington
colin.ha...@gmail.com
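
The filter-plus-MDC approach described in the last message, as an added example that is not code posted by anyone in the thread. It assumes log4j 1.x and the javax.servlet API; the class name, the `sessionid` key, the load balancer address, and the rule that the load balancer appends the client address as the last X-Forwarded-For entry are all assumptions to adjust for the actual deployment.

```java
import java.io.IOException;
import java.util.Enumeration;
import java.util.regex.Pattern;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.log4j.MDC;

// Added example (hypothetical class): validated client IP and session ID on the log4j MDC.
// Matching log4j pattern fragment: %X{xforwardedfor} %X{sessionid}
public class ClientIpMdcFilter implements Filter {
    // Assumption: constructed placeholder for the load balancer's own address.
    private static final String TRUSTED_LB = "10.0.0.5";
    // Character allow-list for IPv4/IPv6 literals. Not full address validation, but it
    // rejects CR/LF and spaces, so a forged header cannot inject extra log lines or fields.
    private static final Pattern IP_CHARS = Pattern.compile("[0-9A-Fa-f:.]{2,45}");

    public void init(FilterConfig cfg) {}
    public void destroy() {}

    // Returns the address to log; the header is honoured only when the peer is the LB.
    static String clientIp(String remoteAddr, String xff) {
        if (!TRUSTED_LB.equals(remoteAddr) || xff == null) return remoteAddr;
        // Assumption: the LB appends the address it saw, so only the last entry is trusted.
        String[] parts = xff.split(",", -1); // -1 keeps trailing empty entries
        String last = parts[parts.length - 1].trim();
        return IP_CHARS.matcher(last).matches() ? last : "invalid";
    }

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest http = (HttpServletRequest) req;
        String xff = null; // if the header is repeated, keep the last line
        for (Enumeration<?> e = http.getHeaders("X-Forwarded-For"); e.hasMoreElements();) {
            xff = (String) e.nextElement();
        }
        HttpSession session = http.getSession(false); // never create a session just to log
        MDC.put("xforwardedfor", clientIp(http.getRemoteAddr(), xff));
        // A raw session ID in a log file is a usable credential; restrict log access accordingly.
        MDC.put("sessionid", session == null ? "-" : session.getId());
        try {
            chain.doFilter(req, res);
        } finally {
            // Container threads are pooled: clear the keys so they do not leak into other requests.
            MDC.remove("xforwardedfor");
            MDC.remove("sessionid");
        }
    }
}
```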