varnisnsca , centralised logging, conditional logging of X-Fowarded-For

Daniel Carrillo daniel.carrillo at
Mon Jan 28 10:08:34 CET 2013

2013/1/28 Guy Brodie <GuyB at>:
> Hi Everyone,


> I'm sure this must be answered somewhere, so I do apologise if this has been answered before.
> Problem:  How to get _either_   X-Forwarded-For  _or_ client.ip (in the absence of X-Forwarded-For) into a single NSCA formatted log file using varnish / varnishnsca.
> Situation:  We host many sites through varnish, some of which are served via an upstream CDN  - i.e. a proxy that supplies X-Forwarded-For,  and some which don't - ie. There is no X-Forwarded-For and just a direct connection.
> I have tried the -f flag to varnishnsca,  however it seems to only log an IP address for  X-Forwarded-For   if it exists, or '-' if it doesn't, meaning when I specify -f I lose all ip addresses for direct connections in the varnishnsca log file.
> I have followed tips to set X-Forwarded-For from client-ip using VCL,  and that works for the downstream connections (the webservers can produce good logs),  however I'm trying to get a single  log file from varnish.
> (FWIW - this log file is to be parsed by AWStats)
> Varnish version: varnish-3.0.0 revision cbf1284
> I think I'm missing something obvious:
> * a custom log format or something?

You could use -F flag as follows:

 -F format
              Specify the log format used. If no format is specified
the default log format is used. Currently it is:
             %{X}i  The contents of request header X.

AFAIK you can't log conditionally as you ask, but in order to use
AWStats, a custom log seems enough for you.

Kind regards.

More information about the varnish-misc mailing list