Hi Brandon, which version of Graylog are you using?
Cheers, Jochen On Tuesday, 8 November 2016 05:38:41 UTC+1, BKeep wrote: > > I have setup a proxy using apache and it is working okay except for a few > minor things. When I navigate to the user accounts page at > https:/server.domain.tld/system/authentication. The IP that shows up for > logged in users is 127.0.0.1 when the expected ip would be the remote > client. I did a little bit of googling and came across the RemoteIPHeader > directive but setting that didn't seem to make any difference. If anyone > can give some guidance I would appreciate it. > > # Listen for requests on port 80 > # NameVirtualHost *:80 > <VirtualHost *:80> > ServerName server > Redirect permanent / https://server.domain.tld/ > </VirtualHost> > > <VirtualHost *:443> > ServerName server.domain.tld > ProxyRequests Off > > # SSL Settings > SSLEngine on > SSLProtocol all -SSLv2 -SSLv3 > SSLCertificateFile /etc/pki/tls/certs/cert.crt > SSLCertificateKeyFile /etc/pki/tls/private/key.key > SSLCertificateChainFile /etc/pki/tls/certs/SHA256.crt > > <Proxy *> > Order deny,allow > Allow from all > </Proxy> > > RemoteIPHeader X-Forwarded-For > > <Location /> > RequestHeader set X-Graylog-Server-URL " > https://server.domain.tld/api/"; > ProxyPass http://127.0.0.1:9000/ > ProxyPassReverse http://127.0.0.1:9000/ > </Location> > <Location /api/> > ProxyPass http://127.0.0.1:9000/api/ > ProxyPassReverse http://127.0.0.1:9000/api/ > </Location> > </VirtualHost> > > Regards, > Brandon > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/c67f97b0-c4fe-4bdd-a907-32c1f6366748%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
