I have a web application that I run on three servers, and it is behind an AWS load balancer. The app runs Apache, and using X_FORWARDED I can save in the logs the remote ip of the users.
We recently started using Graylog (a week ago), and I’m trying to configure sending logs from Apache to Graylog. Sending via Rsyslog was easy. But not overly usable. Then I configured the apache_mod_gelf module, and it works perfectly except for one very important detail. It records the ip of the load balancer instead of the remote IP.
I’m still looking for a way to send the Apache logs to Graylog in GELF format, and so far I can’t find the key. Has anyone been able to configure it behind a load balancer?
Many thanks in advance.