varnisnsca , centralised logging, conditional logging of X-Fowarded-For
Daniel Carrillo
daniel.carrillo at gmail.com
Mon Jan 28 10:08:34 CET 2013
2013/1/28 Guy Brodie <GuyB at spc.int>:
> Hi Everyone,
Hi.
> I'm sure this must be answered somewhere, so I do apologise if this has been answered before.
>
> Problem: How to get _either_ X-Forwarded-For _or_ client.ip (in the absence of X-Forwarded-For) into a single NSCA formatted log file using varnish / varnishnsca.
>
> Situation: We host many sites through varnish, some of which are served via an upstream CDN - i.e. a proxy that supplies X-Forwarded-For, and some which don't - ie. There is no X-Forwarded-For and just a direct connection.
>
> I have tried the -f flag to varnishnsca, however it seems to only log an IP address for X-Forwarded-For if it exists, or '-' if it doesn't, meaning when I specify -f I lose all ip addresses for direct connections in the varnishnsca log file.
>
> I have followed tips to set X-Forwarded-For from client-ip using VCL, and that works for the downstream connections (the webservers can produce good logs), however I'm trying to get a single log file from varnish.
>
> (FWIW - this log file is to be parsed by AWStats)
> Varnish version: varnish-3.0.0 revision cbf1284
>
> I think I'm missing something obvious:
> * a custom log format or something?
You could use -F flag as follows:
-F format
Specify the log format used. If no format is specified
the default log format is used. Currently it is:
...
%{X}i The contents of request header X.
....
AFAIK you can't log conditionally as you ask, but in order to use
AWStats, a custom log seems enough for you.
Kind regards.
More information about the varnish-misc
mailing list