APM Agent language and version: Java agent (elastic-apm-rum.umd-5.6.1.js)
Browser version: different browsers
Original install method (e.g. download page, yum, deb, from source, etc.) and version: deb
Fresh install or upgraded from other version? Upgraded regularely
Is there anything special in your setup? For example, are you using the Logstash or Kafka outputs? Are you using a load balancer in front of the APM Servers? Have you changed index pattern, generated custom templates, changed agent configuration etc.
We have instrumented the Java Agents in the backend of the application and also added RUM in the frontend. We see data from both (backend and frontend)
Description of the problem including expected versus actual behavior. Please include screenshots (if relevant):
APM in Kibana shows at client IP always the internal IP of the Java Agent, not the real IP from the end user who is tracked by apm rum.
Therefore, no real breakdown of User Experience > " Page load duration by region" is possible.
"Page load duration by region" is empty.
Steps to reproduce:
Fire RUM Events in browser
Errors in browser console (if relevant): no errors in browser console
Provide logs and/or server output (if relevant): no logs regarding issue
Maybe I got some more insight to this, it looks like we don't see the correct IP as it is behind a WAF (Web Application firewall) ...
The real client IP is in a request header.
In Logstash I am able to map this request header to a specific field.
Is there any possibility to use this request header information in APM - Server, so that it is used as client.ip?
, so a name defined by us with the name of the Web Application Firewall in it (here with placeholder {WAF}). So I guess therefore APM server is not picking this, but the question is if i can configure APM-Server to use a specific header
So I guess therefore APM server is not picking this, but the question is if i can configure APM-Server to use a specific header
Right, it's not picking that up. There's currently no way to configure APM Server to use another header for this. We could add configuration, but I'd like to know more about the problem first:
Which WAF are you using?
Is there an option to use a more standard header instead?
Is there some way we can reasonably automatically detect these headers? (Probaby depends on answer to #1.)
Thanks for your answer, that this is not possible with APM server in the moment.
We will check to reconfigure WAF or put a proxy or something before the APM server to forward the client IP in a standard header, should be able to solve it that way.
@axw we reconfigured our environment to forward the client IP in a header which is picked up by APM server and this works now. So no need to add configuration or something for us.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.