Client ip is not found in the security audit logs. Openfire 4.7.5

client ip is not found in the security audit logs while connecting to port enabled using mod_proxy
security audit logs: “The user logged in successfully to the admin console from address 0:0:0:0:0:0:0:1”

but the client IP is captured in access_logs.
/var/log/httpd/access_log: "(null), - - [26/Oct/2023:15:24:57 +0530] “GET /audit-policy.jsp HTTP/1.1” 200 26118 “” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36” "


Is your reverse proxy setting the ‘X-Forwarded-For’ headers?

You may need to enable the Openfire system property adminConsole.forwarded.enabled to parse these headers.

Yes the reverse proxy set with ‘X-Forwarded-For’ headers

adminConsole.forwarded.enabled property is set ti Enable as well

You might have uncovered a bug in Openfire. I have recorded this in a new bug report: [OF-2700] - Ignite Realtime Jira

This issue is likely fixed in the next release of Openfire. Can you please test Openfire 4.8.0 beta to see if the problem is resolved for you with that version?