The WMF production logging configuration uses Monolog's Monolog\Processor\WebProcessor class to decorate each log event with several context fields:
- url: $_SERVER['REQUEST_URI']
- ip: $_SERVER['REMOTE_ADDR']
- http_method: $_SERVER['REQUEST_METHOD']
- server: $_SERVER['SERVER_NAME']
- referrer: $_SERVER['HTTP_REFERER']
The use of $_SERVER['REMOTE_ADDR'] to capture the requesting IP address is not of much use in the WMF production cluster where all requests are made indirectly from behind a Varnish server. If we continue to log this we should instead use a custom processor that processes XFF headers sensibly using WebRequest::getIP() or something similar.