Home | About Me
| | | | | | | | | |

How to properly log ClientIP on Apache2 behind Load Balancer?

Random | 18 Nov 2014
Tags: apache2, log, x-forwarded-for


This case will help you to log to apache server any traffic coming from the load balancer, proxy or any IDS.

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog ${APACHE_LOG_DIR}/access_log combined env=!forwarded
CustomLog ${APACHE_LOG_DIR}/access_log proxy env=forwarded

Where are Apache2 Logs?

The default location of apache log files on ubuntu server apache2 installation is:

/var/www/apache2/access.log

in order to view the log file contents you can use any of the following commands:

displays the whole contents of the log file

cat /var/www/apache2/access.log

shows the contents from the end of access.log file and wait to display any additional logs appended to the end of the file

tail -f /var/www/apache2/access.log

displays the last 100 mb of the apache2 log file

tail -c 104857600 /var/log/apache2/access.log

 

If you would like to extract the last 100 mb of the log file to some other file, you can achieve this by executing the command:

tail -c 204857600 /var/log/apache2/access_sacoffice_log > log.log

After this, you can download the log file and check the logs ! :)