Skip to main content
Skip table of contents

Whitelist X-forwarded Header Information from PCAP File

This document discusses how to retrieve the X-Forwarded-For (XFF) IP address from packet captures (PCAP) files after creating the case from events.

X-Forwarded-For is an HTTP header used to track the original IP address of a user connecting to a web server through a proxy or load balancer.

UI Implementation

  1. Add X-Forwarded-IP as a new field in the UI.

  1. Specify the necessary information about inserting the whitelist into a table along with the X-Forwarded-IP field.

  1. Add a Whitelist in the Case Events page as below.

 

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close