We run an Ignition 8.1 instance in the AWS cloud, with a load balancer (ELB) in front of it to ease management.
I just noticed that the gateway’s audit log is only capturing the internal IP of the load balancer on user login events. We’re using Perspective and the internal IDP, so they are showing as “Web Auth Status Change” actions. I’m not seeing the user’s external IP being captured anywhere else in the audit log.
Is it captured somewhere else? If not, what is the recommended way to capture it in the audit log?