Forum Discussion

Altocumulus

Jul 18, 2019

Solved

X-Forwarded-For merged into c-ip in the Logs

This isn't a directly F5 question, but we do use an F5. Anyway, our security team wants us to merge the X-Forwarded-For IPs into the c-ip column. Does anyone know how to do this in IIS?

big-ip

devops

cjunior
Jul 18, 2019
Hi,
I hope the following links helps.
Regards.

https://support.f5.com/csp/article/K4816
https://support.microsoft.com/pt-br/help/4466879/customizing-iis-log-file-field-names-by-using-advanced-logging
https://devcentral.f5.com/s/articles/iis-x-forward-for-isapi-filter

Kyle74

Altocumulus

Jul 18, 2019

My boss shot both ideas down.

Any idea if we can change the column location for the XFF? Maybe have it before or after the Client IP?

cjunior

Nacreous

Jul 19, 2019

Hum, the ISAPI option was my choice on past.

Sorry, nothing more on mind at this time.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

X-Forwarded-For merged into c-ip in the Logs

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Managing iRules configuration

Recommendation for Adv. Lab

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

How to configure ssh access by key on F5OS

F5 BIG-IP DNS/Audit Logs — Structured Format for SIEM Ingestion

Related Content

Extracting X-Forwarded-For in Node.js

X-Forwarded-For Log Filter for Windows Servers

X Forwarded For Single Header Insert

TCP Option 28 X-Forwarded-For Header

IIS X-Forward-For ISAPI Filter

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS