Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SIEM Integration - Client IP address

IDAM09
Regular Contributor
Regular Contributor

‎10/07/2024 07:26 PM

Hello,

We have deployed the SIEM runtime analytics report, can you confirm that the client side IP address can also being captured.

 

  • The log field "IP Address" shows the origin of the request, which in all cases we can see is Cloudflare. Can we ingest additional data that would include the client IP whose request came through Cloudflare? (i.e. Does Saviynt application balancers log the "x-forwarded-for" header in HTTP requests? If so, can that information be presented in the same SIEM report or a different report?)

 

Thanks In Advance.

Labels:
0 Kudos
1 REPLY 1

rushikeshvartak
All-Star
All-Star

‎10/07/2024 08:03 PM

When a client request goes through Cloudflare or any proxy, the server receiving the request (in this case, Saviynt's application) will usually see Cloudflare’s IP address as the origin. Hence end user IP will not be available Please raise idea ticket for this requirement 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos
Copyright © 2024 Khoros, LLC