What must the developer do to capture the client public IP addresses in the log file?

By:
On:
In: DVA-C02
Tagged:
With: 0 Comments
A developer is writing an application to analyze the traffic to a fleet of Amazon EC2 instances.The EC2 instances run behind a public Application Load Balancer (ALB).An HTTP server runs on each of the EC2 instances, logging all requests to a log file.The developer wants to capture the client public IP addresses.The developer analyzes the log files and notices only the IP address of the ALB.

What must the developer do to capture the client public IP addresses in the log file?

Add a Host header to the HTTP server log configuration file.

Install the Amazon CloudWatch Logs agent on each EC2 instance. Configure the agent to write to the log file.

Install the AWS X-Ray daemon on each EC2 instance. Configure the daemon to write to the log file.

Add an X-Forwarded-For header to the HTTP server log configuration file.

Explanations:

Adding a Host header to the log configuration does not affect the capture of the client’s IP address. The Host header contains the domain name of the server being requested, not the client’s IP.

Installing the Amazon CloudWatch Logs agent would allow logging to CloudWatch, but it does not change what the HTTP server logs. The logs would still only capture the ALB IP unless modified to include the client IP.

The AWS X-Ray daemon is used for tracing requests in applications, not for capturing client IP addresses in log files. It does not modify the log output to include the X-Forwarded-For header.

Adding an X-Forwarded-For header to the HTTP server log configuration allows the server to log the original client IP address forwarded by the ALB. This is the standard way to capture the true client IP in scenarios where requests pass through a load balancer.

Leave a Reply

Your email address will not be published. Required fields are marked *

four + 17 =