When running Policy Server, how to log the user's IP address in smaccess log in Policy Server? The IP Address captured in REMOTE_ADDR is the Load balancer (LB) IP Address instead of the user IP Address which is being audited as sm_client IP in smaccess logs currently.
X-forwarded-for and Client-IP headers are populating correct IP address for the user being authenticated. How to force the Web Agent to use either X-forwarded-for or Client-IP to be used while auditing?
Component: SMAPC
Release: Web Agent 12.52SP1CR11 on Apache 2.4.46 on RedHat 7
Setting the ACO parameter CustomIPHeader to X-forwarded-for should solve this issue. Please check the below documentation for reference.
There should be no need to change ProxyDefinition and/or RequireClientIP, just to include the X-forwarded-for in smaccess.log. Just set CustomIPHeader.
(1)
List of Agent Configuration Parameters
(2)
Default HTTP Headers Used by the Product