X-Forwarding-For and IIS logging for non-transparent services

Logging client IP for non-transparent services through X-Forwarded-For for IIS Server 7 and up.

 

For non-transparent services where client IP logging is required on a webserver, X-Forwarded-For+(Via) can be configured under Advanced Options of the appropriate virtual service:

 

Note: This only works for http/https traffic.

The IIS Server has to be configured accordingly.

Advanced Logging will have to be installed and downloaded for this to work:

http://www.microsoft.com/en-gb/download/details.aspx?id=7211

 

 After installing the Advanced Logging Feature, go to the IIS Manager:

Navigate to the appropriate website, select Advanced Logging and Open Feature.

 

Click Edit Logging Fields and Add Field

 

Field ID, a friendly name

Category, Default

Source type, Request Header

Source name, x-forwarded-for (syntax important)

 

Then click Add Log Definition in the Actions Pane

Give a name to the new definition (no spaces)

Click Select Field under Selected Fields:

 

Select your new rule from the list:

 

Click OK and Apply in the Action pane. When you now click Return to Advanced Logging, the new rule will appear:

 

Now generate some log traffic by navigating to the website and hitting refresh a few times.

Go to your location for advanced logfiles and look for the new logfiles and open.

The default location is LocalDisc>intetpub>logs>AdvancedLogs>Default Web Site.

 

Was this article helpful?

0 out of 0 found this helpful

Comments

Avatar
Steven Unsworth

These directions are so wrong it's embarrassing!

Avatar
brownra

If you are using Microsoft IIS 8.5, I highly recommend using "Enhanced Logging". Please reference this link for more detail - http://www.loadbalancer.org/blog/iis-and-x-forwarded-for-header.