varnisnsca , centralised logging, conditional logging of X-Fowarded-For
GuyB at spc.int
Mon Jan 28 02:57:59 CET 2013
I'm sure this must be answered somewhere, so I do apologise if this has been answered before.
Problem: How to get _either_ X-Forwarded-For _or_ client.ip (in the absence of X-Forwarded-For) into a single NSCA formatted log file using varnish / varnishnsca.
Situation: We host many sites through varnish, some of which are served via an upstream CDN - i.e. a proxy that supplies X-Forwarded-For, and some which don't - ie. There is no X-Forwarded-For and just a direct connection.
I have tried the -f flag to varnishnsca, however it seems to only log an IP address for X-Forwarded-For if it exists, or '-' if it doesn't, meaning when I specify -f I lose all ip addresses for direct connections in the varnishnsca log file.
I have followed tips to set X-Forwarded-For from client-ip using VCL, and that works for the downstream connections (the webservers can produce good logs), however I'm trying to get a single log file from varnish.
(FWIW - this log file is to be parsed by AWStats)
Varnish version: varnish-3.0.0 revision cbf1284
I think I'm missing something obvious:
* a custom log format or something?
* Or the -f functionality is not implemented conditionally as per the description in the bug report "log X-Forwarded-For instead of clientip if it exists" ( see https://www.varnish-cache.org/trac/ticket/335 )
* Or my X-Forwarded-For is present but blank (how could that be?)
* Question: Does modifying the X-Forwarded-for fields using VCL (in sub vcl_recv ) have any impact on what would be logged using varnishnsca ?
Any help appreciated!
Thanks for reading : -)
(Actually just found this post: https://www.varnish-cache.org/lists/pipermail/varnish-misc/2012-August/022381.html - exact same problem I think).
More information about the varnish-misc