Forum Discussion
IIS Logs for Data Collection Rules - No x-forwarded-for
Hi, I use IIS logs in AMA to collect webserver logs in Sentinel.
This rule do not collect the field x-forwarded-for and I need this. I read on github that the MS team is working on adding support for the extensions fields but not sure when it happens.
Any of you solved this and how?
1 Reply
- Very important use case that needs to be supported! Currently looking at a similar situation that involves F5 fronting the websites and not having x-forwarded-for field available makes correlation very hard
