Forum Discussion
dennypayne
Jul 17, 2006Employee
You don't necessarily need a rule to do what you are requesting...I'm assuming from your description that there is a SNAT enabled on BIG-IP that is changing the client source IP (this is required if BIG-IP is not the default gateway of the servers).
You can insert an X-Forwaded-For header (or a custom header) in the HTTP headers that BIG-IP sends to the server in the request, and if the servers are configured to log that as well then you can see the client IP's in the server logs that way. See the manual section on custom headers Click here
For IIS, there is an ISAPI filter posted here on DevCentral to allow it to replace the client IP logged with the X-Forwarded-For header address. Click here
I'm not sure how to configure other servers to log X-Forwarded-For though.
The "bgz" in the example rule is just to show how to log if the URI contains "bgz"....if you are wanting to log everything then you don't need the conditional match. But beware that logging everything could be a performance hog.
Hope this helps,
Denny