From 4c0fd492ee4cf7093eca7199c8c8262a38c653c5 Mon Sep 17 00:00:00 2001
From: Steve Wilkerson <wilkers.steve@gmail.com>
Date: Mon, 25 Feb 2019 09:21:41 -0600
Subject: [PATCH] Update logging format and config for apache reverse proxies

This updates the logging format and configuration for the apache
reverse proxies used for elasticsearch, kibana, nagios and
prometheus to enable logging of the remote clients used to access
these services

Change-Id: Id07e4294ea18203fbb890b78424a232c2d59cb82
---
 elasticsearch/values.yaml |  8 +++++---
 kibana/values.yaml        | 10 +++++++---
 nagios/values.yaml        |  8 +++++---
 prometheus/values.yaml    |  8 +++++---
 4 files changed, 22 insertions(+), 12 deletions(-)

diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml
index 6ce3ef675..f214cef84 100644
--- a/elasticsearch/values.yaml
+++ b/elasticsearch/values.yaml
@@ -284,16 +284,18 @@ conf:
     LogLevel warn
 
     <IfModule log_config_module>
-        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+        LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+        LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
         LogFormat "%h %l %u %t \"%r\" %>s %b" common
 
         <IfModule logio_module>
-          LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
+          LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
         </IfModule>
 
+        SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
         CustomLog /dev/stdout common
-
         CustomLog /dev/stdout combined
+        CustomLog /dev/stdout proxy env=forwarded
     </IfModule>
 
     <Directory "/usr/local/apache2/cgi-bin">
diff --git a/kibana/values.yaml b/kibana/values.yaml
index 99bdb18d5..530dd6f12 100644
--- a/kibana/values.yaml
+++ b/kibana/values.yaml
@@ -143,6 +143,7 @@ conf:
     LoadModule proxy_connect_module modules/mod_proxy_connect.so
     LoadModule proxy_http_module modules/mod_proxy_http.so
     LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
+    LoadModule remoteip_module modules/mod_remoteip.so
     LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
     LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
     LoadModule unixd_module modules/mod_unixd.so
@@ -168,16 +169,18 @@ conf:
     LogLevel warn
 
     <IfModule log_config_module>
-        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+        LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+        LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
         LogFormat "%h %l %u %t \"%r\" %>s %b" common
 
         <IfModule logio_module>
-          LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
+          LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
         </IfModule>
 
+        SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
         CustomLog /dev/stdout common
-
         CustomLog /dev/stdout combined
+        CustomLog /dev/stdout proxy env=forwarded
     </IfModule>
 
     <Directory "/usr/local/apache2/cgi-bin">
@@ -195,6 +198,7 @@ conf:
     </IfModule>
 
     <VirtualHost *:80>
+      RemoteIPHeader X-Original-Forwarded-For
       <Location />
           ProxyPass http://localhost:{{ tuple "kibana" "internal" "kibana" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}/
           ProxyPassReverse http://localhost:{{ tuple "kibana" "internal" "kibana" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}/
diff --git a/nagios/values.yaml b/nagios/values.yaml
index cd9401e02..c0cdeed52 100644
--- a/nagios/values.yaml
+++ b/nagios/values.yaml
@@ -289,16 +289,18 @@ conf:
     LogLevel warn
 
     <IfModule log_config_module>
-        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+        LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+        LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
         LogFormat "%h %l %u %t \"%r\" %>s %b" common
 
         <IfModule logio_module>
-          LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
+          LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
         </IfModule>
 
+        SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
         CustomLog /dev/stdout common
-
         CustomLog /dev/stdout combined
+        CustomLog /dev/stdout proxy env=forwarded
     </IfModule>
 
     <Directory "/usr/local/apache2/cgi-bin">
diff --git a/prometheus/values.yaml b/prometheus/values.yaml
index 22e1c073b..e8993afec 100644
--- a/prometheus/values.yaml
+++ b/prometheus/values.yaml
@@ -295,16 +295,18 @@ conf:
     LogLevel warn
 
     <IfModule log_config_module>
-        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+        LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+        LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
         LogFormat "%h %l %u %t \"%r\" %>s %b" common
 
         <IfModule logio_module>
-          LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
+          LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
         </IfModule>
 
+        SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
         CustomLog /dev/stdout common
-
         CustomLog /dev/stdout combined
+        CustomLog /dev/stdout proxy env=forwarded
     </IfModule>
 
     <Directory "/usr/local/apache2/cgi-bin">