[Oisf-users] X-Real-IP and X-Real-Port headers from Akamai

C. L. Martinez carlopmart at gmail.com
Mon Jul 9 10:41:33 UTC 2018

Hi all,

 We have detected two Akamai headers that we can't to use them to trigger
alerts: X-Real-IP and X-Real-Port (we are using Suricata 4.1-beta1).

 X-Real-IP appears as a second or third field under XFF, but we can't catch
them to trigger alerts.

 Any idea how can we deal with this?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180709/397790ad/attachment.html>

More information about the Oisf-users mailing list