You can configure the firewall to add the
XFF values from web requests to URL Filtering logs. The XFF values
that the logs display can be client IP addresses, usernames if available,
or any values of up to 128 characters that the XFF fields store.
Attach the URL Filtering profile to a policy rule.
Select
Policies
Security
and click the rule.
Select the
Actions
tab, set
the
Profile Type
to
Profiles
,
and select the
URL Filtering
profile you
just created.
Click
OK
and
Commit
.
Verify the firewall is logging XFF values.
Select
Monitor
Logs
URL Filtering
.
Display the XFF values in one of the following ways:
To display the XFF value for a single log—Click
the
icon for the log to displays
its details. The HTTP Headers section displays the X-Forwarded-For
value.
To display the XFF values for all logs—Open the drop-down
in any column header, select
Columns
, and
select
X-Forwarded-For
. The page then displays
an X-Forwarded-For column.