[Oisf-users] X-Real-IP and X-Real-Port headers from Akamai
C. L. Martinez
carlopmart at gmail.com
Mon Jul 9 10:41:33 UTC 2018
Hi all,
We have detected two Akamai headers that we can't to use them to trigger
alerts: X-Real-IP and X-Real-Port (we are using Suricata 4.1-beta1).
X-Real-IP appears as a second or third field under XFF, but we can't catch
them to trigger alerts.
Any idea how can we deal with this?
Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180709/397790ad/attachment.html>
More information about the Oisf-users
mailing list