Link to home
Create AccountLog in
Avatar of wsani
wsaniFlag for United States of America

asked on

Setting up Apache logging for X-Forwarded-For

Hi,

I have Apache web servers behind a Cisco ACE content switch. Since the ACE is configured with SNAT, I only see the IP addresses of the NAT Pool for the ACE. Here is my current Apache virtual host configuration:

  <IfModule log_config_module>
    LogFormat "%v:%p %h %l %u %t \"%r\" %>s %b %D \"%{Referer}i\" \"%{User-Agent}i\"" "combined"
    #LogFormat "\"%{%Y-%m-%d %H:%M:%S}t\" %V %m \"%U\" \"%q\" %{Content-Type}o %s %B %D" "responsetime"
    LogFormat "%h %l %u %t \"%r\" %>s %b %D \"%{Referer}i\" \"%{User-Agent}i\"" "combined"
    LogFormat "%h %l %u %t \"%r\" %>s %b %D" "combined"
  </IfModule>

  LogLevel warn

    SetEnvIf Remote_Addr 127.0.0.1 nolog
    SetEnvIf Remote_Addr 10.20.50.26 nolog


  ErrorLog /var/www/vhosts/test/logs/error.log
  CustomLog /var/www/vhosts/test/logs/access.log "combined" env=!nolog
  #CustomLog /var/www/vhosts/test/logs/responsetime.log "responsetime"

Open in new window


Can you tell me what I need to do to Apache to log-in the client-IP to access.log?

Note: I have already configured the ACE to inject X-FORWARDED-FOR in the HTTP header.
ASKER CERTIFIED SOLUTION
Avatar of Graham N.
Graham N.
Flag of United Arab Emirates image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.