Add the Source IP of the DCCG traffic to the logs #202
Assignees
Labels
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Current Implementation
The DCCG doesn't log the information SourceIP for the connection between the DCCG and national backend.
Suggested Enhancement
Currently DCCG have a piece of logic that extract from http headers the thumbprint of the mTLS certificate used to connect
This headers extraction logic should be able to add another field from the same data block containing the thumbprint.
--> The XFF : https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For
What we would like to have is an additional field : sourceIP added to the logs (/ec/local/tomcat/logs/dgcg.log) with the value found in that XFF headers.
The Source IP (if governance is properly followed) are IP from national backends , and doesn’t contains private data.
Check with the developers on your side the complexity level of this change.
If the change is pushed into the codebase, we will then coordinate with the Splunk team for the actual deployment.
--> They want this to be pushed in phase (TST/ACC/PROD) to validate no side effect on the logs key/value extraction.
Expected Benefits
it helps the OPS team to improve the root cause analysis for any issue with the connection / transaction.
The text was updated successfully, but these errors were encountered: