I had a similar issue, especially since we have nodes split behind F5 and Netscaler, which both operate differently with respect to header preservation, modification.
Our solution was to write our own HeaderParser.pm module and register it as the handler of that apache phase, and attempt to derive the "real" client IP (parsing CLIENT_IP || X-Forwarded-For, etc.) and set that in a new header called "X-Derived-Client-IP", which the load balancers ignore. Also, we have a GUID cookie we use to identify unique clients, and we parse the cookies at that phase as set a "X-Derived-Client-ID" header. Then, at the normal LogHandler apache phase, we use the %{Header}i in our LogFormat configuration to get it in the access logs. We are running on the Apache 1.3* stack.
Hope this helps,
- Jeff
----- Original Message ----
From: Carl Johnstone <suppressed>
To: suppressed
Sent: Thursday, August 2, 2007 8:07:53 AM
Subject: reverse proxy/logging problem
Hi,
I've got a two-apache reverse proxy setup, split over two hosts.
The problem I've got is that I'd like to put the user_id in the access logs
so that our log analysis software can make use of it.
Setting apache->user correctly logs the user at the back-end however the IP
addresses are wrong, being the internal address of the front-end proxy. Also
requests dealt with purely at the front-end aren't logged.
Logging at the front-end means all requests are logged with the right IP
address. Additional bonuses for me are that those servers are less loaded,
and I'd be able to turn off logging at the back-end. However the user_id
isn't available.
Is there any easy way to pass the user_id from the back-end in such a way
the front-end could log it? Or is there another option?
Carl
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.