need to capture client IP address in web service log file

Dedicated to DataStage and DataStage TX editions featuring IBM<sup>®</sup> Service-Oriented Architectures.

Moderators: chulett, rschirm

Post Reply
qt_ky
Premium Member
Premium Member
Posts: 2895
Joined: Wed Aug 03, 2011 6:16 am
Location: USA

need to capture client IP address in web service log file

Post by qt_ky »

I have a DataStage parallel job (v8.5 on AIX) creating an audit log using the sequential file stage using the invocation ID macro.

I need to capture client IP addresses in the same log file, if possible, or from elsewhere as a second choice. I am using an ISD web service with SOAP over HTTP.

Is the client IP address available through WAS, through another type of binding, or would I have to look to a firewall log?
Choose a job you love, and you will never have to work a day in your life. - Confucius
eostic
Premium Member
Premium Member
Posts: 3838
Joined: Mon Oct 17, 2005 9:34 am

Post by eostic »

It certainly isn't available to ISD, as the http stuff is already stripped away by then.....you "might" be able to get it at WAS, at its HTTP server component that receives the incoming HTTP packets containing SOAP.....otherwise, another thought would be to see if you can intercept it with whatever load balancing technology, firewall, or appliance (such as DataPower) that you might have out at the original (initial) receiver into your network.

....or you could do the primitive way, and have the client inspect its own IP and put it into the payload and then deal with it inside of DataStage.

Ernie
Ernie Ostic

blogit!
<a href="https://dsrealtime.wordpress.com/2015/0 ... ere/">Open IGC is Here!</a>
qt_ky
Premium Member
Premium Member
Posts: 2895
Joined: Wed Aug 03, 2011 6:16 am
Location: USA

Post by qt_ky »

Thanks, Ernie.

If by primitive, you mean to trust the client to send its own IP as part of the request, that could too easily be hacked. I mean I don't think security would approve.

I am looking for some way to do this on the Info Server itself. I have seen something about software to monitor web service traffic.

Another option is to put the Info Server behind a firewall assuming firewall logs would capture IP from incoming requests.
Choose a job you love, and you will never have to work a day in your life. - Confucius
ray.wurlod
Participant
Posts: 54607
Joined: Wed Oct 23, 2002 10:52 pm
Location: Sydney, Australia
Contact:

Post by ray.wurlod »

There's one of the obscure DataStage engine functions that can do that (System(42), but this only works on a Windows server :cry:) but you would need to incorporate some server functionality - either a before/after subroutine or a BASIC Transformer stage to be able to use that. AND be on a Windows server.

I'm sure there must be some way to do this on a UNIX server, but can't think of one for the moment. I'm currently preparing to install Information Server so don't actually have access to a working copy.

From memory the IP address is reported in one of the Web Console Administration screens (Session Management) so it must be being captured somehow.
IBM Software Services Group
Any contribution to this forum is my own opinion and does not necessarily reflect any position that IBM may hold.
eostic
Premium Member
Premium Member
Posts: 3838
Joined: Mon Oct 17, 2005 9:34 am

Post by eostic »

It's really a web server issue. ISD uses IBM's IHS (a subset of which is inside of WAS).....load balancers and firewalls in front of that can do even more creative things. Like WS-Security, keep this type of logging at the network level.

Ernie
Ernie Ostic

blogit!
<a href="https://dsrealtime.wordpress.com/2015/0 ... ere/">Open IGC is Here!</a>
qt_ky
Premium Member
Premium Member
Posts: 2895
Joined: Wed Aug 03, 2011 6:16 am
Location: USA

Post by qt_ky »

Thanks for the tips. I will check into those things, at least the ones I can check into further on AIX :) !
Choose a job you love, and you will never have to work a day in your life. - Confucius
qt_ky
Premium Member
Premium Member
Posts: 2895
Joined: Wed Aug 03, 2011 6:16 am
Location: USA

Post by qt_ky »

Regarding the IIS Web Console, Administration tab, Session Management, Active Sessions screen, it displays:

User Name, Session ID, Address, Type, Created, Last Updated, and Trusted

For Types of Designer, Director, and Console, Address lists the Windows computer name.

For Types of Web Console, Address lists the IP address.

For Types of Unknown, Address is blank.

An ISD web service that requires authentication, it does create a session that shows up as Type=Unknown and Address=blank. Session ID is completely populated for every type of session I see.

For all these session types, Trusted=No (not sure why).
Choose a job you love, and you will never have to work a day in your life. - Confucius
Post Reply