...
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
<appender name="IDP_SYSLOG" class="ch.qos.logback.classic.net.SyslogAppender"> <SyslogHost>syslog.example.org</SyslogHost> <Port>514</Port> <Facility>AUTH</Facility> <SuffixPattern>[%logger:%line] %msg</SuffixPattern> </appender> <!-- add syslog appender at root logger level --> <root> <appender-ref ref="IDP_SYSLOG" /> </root> |
Logging Behind a Reverse Proxy
The Shibboleth IdP will log whatever IP address is given to it by the servlet container. If there is a load balancer in front of the IdP, then the logs may display the load balancer's IP rather than real client addresses. Logging the real IP address requires changing the servlet container to set the context IP address to a variable set by the load balancer like X-Forwarded-For.