In ML v8.0.1+ if the application is using the declarative rewriter, ( port 8000 and newly created REST servers do, user created HTTP servers can choose to supply a custom declarative rewriter ) - the rewriter can log a 'trace' event with the value of any HTTP header, which could be the - ("X-Forwarded-For") This will end up in ErrorLog.txt not AccesLog.txt.
The format of the AccessLog is fixed. It uses the directly connected IP address, and if available also the referrer, response-code, method, url, version, username , content-length, referrer, and user agent. ----------------------------------------------------------------------------- David Lee Lead Engineer MarkLogic Corporation d...@marklogic.com Phone: +1 812-482-5224 Cell: +1 812-630-7622 www.marklogic.com -----Original Message----- From: general-boun...@developer.marklogic.com [mailto:general-boun...@developer.marklogic.com] On Behalf Of David Sewell Sent: Friday, June 05, 2015 5:06 PM To: MarkLogic Developer Discussion Subject: Re: [MarkLogic Dev General] How to make ML show x-forwarded-for IP address in ML access logs Sorry, I didn't answer the question you actually asked... it would probably require a low-level intervention in the MarkLogic code to change what gets written to the access log, no clue about that. Sorry but would be interested to learn there is a solution, David On Fri, 5 Jun 2015, David Sewell wrote: > xdmp:get-request-header("X-Forwarded-For") ought to do it (if the HTTP > server is creating a header with just that spelling; that's what Apache does). > > We have a function we use to determine the actual source IP address > that you might be able to use or adapt: > > (:~ > : Ascertain IP address masked by Apache rewrites. > : > : @return The actual client address. > :) > > declare function user:get-actual-client-address() as xs:string { > let $apparentIP := xdmp:get-request-client-address() > let $forwardedFrom := xdmp:get-request-header("X-Forwarded-For") > return > if ((exists($forwardedFrom)) and ($apparentIP eq '127.0.0.1')) > then tokenize($forwardedFrom, ', ')[last()] > else $apparentIP > }; > > David > > On Fri, 5 Jun 2015, Danny Sinang wrote: > >> Our ML cluster is behind a load balancer, so the source ip address of >> the ML access logs show the load balancer's IP address. >> >> I'm told that the load balancer injects into the http request header >> the actual client ip address as "x-forwarded-for". >> >> Is there a way to make ML display the contents of this >> x-forwarded-for field ? >> >> Regards, >> Danny >> > > -- David Sewell, Editorial and Technical Manager ROTUNDA, The University of Virginia Press PO Box 400314, Charlottesville, VA 22904-4314 USA Email: dsew...@virginia.edu Tel: +1 434 924 9973 Web: http://rotunda.upress.virginia.edu/ _______________________________________________ General mailing list General@developer.marklogic.com Manage your subscription at: http://developer.marklogic.com/mailman/listinfo/general _______________________________________________ General mailing list General@developer.marklogic.com Manage your subscription at: http://developer.marklogic.com/mailman/listinfo/general