I'm new to Elastic and need help to find the real IP of nginx site visitor.
The environment I have is Nginx module installed in Filebeat and reading the data passed via logstash to elasticsearch and viewed in kibana.
The site I have is proxied via Cloudflare, and as the documentation says here:
Is that (nginx.access.remote_ip_list) will read the X-Forwarded-For (which is the real ip of visitor and not cloudflare's IP)
But when checking this field in kibana, it gives Cloudflare's IP.
What shall I do to get the Real visitor IP?