This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

how to see the user actual IP on cloud logging records?

Posted on 05-28-2023 06:41 PM
cleonchen
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

We are running a proxy (Nginx) in front of external LB.

We want to view the real customer IP in "Logs explorer > Cloud HTTP load balancer" but it seems that it can't use custom headers (like x-forwarded-for or real.ip ) in logs explorer.

It only contains semantics defined by the HTTP spec and you should use another tool to extract the information from these headers.

Can anyone confirm that there's no way to get the real ip (not the one from the cloudflare servers) as the remoteIP field in Logs explorer?

Thanks in advance and best regards.

0 2 1,317
Topic Labels
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
Marvin_Lucero
Staff
Reply posted on --/--/---- --:-- AM

Hi @cleonchen ,

If you are using the Logs Explorer, entries will not directly show the client's real IP address, specifically for HTTP Load Balancer logs. You can use the custom headers for your backend by passing the client's IP address. From there, log entries will contain the IP addresse/s.

You can follow these steps to accomplish this :

1. First, in your backend, specify the commands/codes that will filter the client's IP address from a custom header. Take note to include it to the log entries. 

2. Next, for the configuration of the load balancer, the custom header should be configured to add the IP address as a custom header. You can modify it on the "Backend configuration" of the load balancer. You can refer to the example configuration below. Here, "X-Forwarded-For" header was used:

 

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: my-ingress
spec:
  rules:
  - http:
      paths:
      - path: /*
        backend:
          serviceName: my-service
          servicePort: 80
  backendConfig:
    apiVersion: cloud.google.com/v1beta1
    kind: BackendConfig
    metadata:
      name: my-backend-config
    spec:
      backend:
        protocol: HTTP
        healthCheck:
          requestPath: /health
        customRequestHeaders:
          headers:
          - name: X-Forwarded-For
            value: "$remote_addr"

4. Once you're done with this, try extracting the IP address in your application. After the LB adds the client's IP address to the custom header, you will be able to extract it from your code, and include it in your log entries.

You can check this documentation about custom headers for more details.

Posted on --/--/---- --:-- AM
cleonchen
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

ok,thx~
Can also confirm that there's no way to get the real ip (not the one from the cloudflare servers) as the remoteIP field in Logs explorer?

0 Likes
Top Labels in this Space
Top Solution Authors
View all