Hi,
I've configured our Fortiwebs to process the x-forwarded-for header to log the actual client IP. In the acccess log this is logged and we can now have a "original source" column with the actual IP, the geo location etc. However in the attack logs, this column does not exist, nor is the x-fowarded-for header logged. Does anyone know how to turn this on for the attack logs?
Hi Julioo
Your message is tagged "FortiGate". Do you mean that you enabled x-forward-for at FortiGate level and then it is seen at FortiWeb level?
User | Count |
---|---|
983 | |
818 | |
446 | |
440 | |
130 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.