We now have X-Client-IP as a standard header based on thorough decoding of XFF (and related data) at the Varnish layer, which we'd like to adopt as the standard notion of the client's IP for both applayer and analytics/logging.
It looks like the steps here, if I understand correctly, will be:
- Add XCIP to response headers, so that varnishkafka has access to it at all
- Add client_ip field based on the above to the webrequest varnishkafka log format (We can probably start getting this into e.g. oxygen logs at this point as well)
- Add new field in hive consuming that data
- Start using the new field in place of the computed value in analytics, dropping old XFF-processing code.
- Remove the "ip" and "x_forwarded_for" fields from webrequest varnishkafka log format