[Oisf-users] X-Real-IP and X-Real-Port headers from Akamai
C. L. Martinez
carlopmart at gmail.com
Wed Jul 11 15:04:40 UTC 2018
Please, any tip?
On Mon, Jul 9, 2018 at 12:41 PM, C. L. Martinez <carlopmart at gmail.com>
wrote:
> Hi all,
>
> We have detected two Akamai headers that we can't to use them to trigger
> alerts: X-Real-IP and X-Real-Port (we are using Suricata 4.1-beta1).
>
> X-Real-IP appears as a second or third field under XFF, but we can't
> catch them to trigger alerts.
>
> Any idea how can we deal with this?
>
> Thanks.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180711/612e9739/attachment.html>
More information about the Oisf-users
mailing list