Skip to main content
Skip table of contents

Whitelist X-forwarded Header Information from PCAP File

This document discusses how to retrieve the X-Forwarded-For (XFF) IP address from packet captures (PCAP) files after creating the case from events.

X-Forwarded-For is an HTTP header used to track the original IP address of a user connecting to a web server through a proxy or load balancer.

UI Implementation

  1. Add X-Forwarded-IP as a new field in the UI.

  1. Specify the necessary information about inserting the whitelist into a table along with the X-Forwarded-IP field.

  1. Add a Whitelist in the Case Events page as below.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.