What must the developer do to capture the client public IP addresses in the log file?

By:
On:
In: DVA-C01
Tagged:
With: 0 Comments
A developer is writing an application to analyze the traffic to a fleet of Amazon EC2 instances.The EC2 instances run behind a public Application Load Balancer(ALB).An HTTP server runs on each of the EC2 instances, logging all requests to a log file.The developer wants to capture the client public IP addresses.The developer analyzes the log files and notices only the IP address of the ALB.

What must the developer do to capture the client public IP addresses in the log file?

Add a Host header to the HTTP server log configuration file.

Install the Amazon CloudWatch Logs agent on each EC2 instance. Configure the agent to write to the log file.

Install the AWS X-Ray daemon on each EC2 instance. Configure the daemon to write to the log file.

Add an X-Forwarded-For header to the HTTP server log configuration file.

Explanations:

The Host header contains the domain name of the request, not the client IP address. It does not provide the client’s public IP.

Installing the CloudWatch Logs agent on the EC2 instances does not help in capturing the client IP address. It is meant for sending logs to CloudWatch.

The AWS X-Ray daemon is used for tracing requests, but it does not specifically capture the client IP address in the logs.

The X-Forwarded-For header is added by the ALB to forward the original client IP address to the EC2 instances. Configuring the HTTP server to log this header will capture the client IP.

Leave a Reply

Your email address will not be published. Required fields are marked *

17 − 10 =