Ip addresses on log files

Hi,

is there a way to trace the ip addresses of client requesting something not available on WSE instance?
For example, on error log file I see the s request:

WARN server comment 2022-11-02 13:03:35 - - - - - 1691453.676 - - - - - - - - Application folder ([install-location]/applications/-wvhttp-01-) is missing

And this is what I see on access log file:

2022-11-02 13:03:35 CET comment server WARN 200 - Application folder ([install-location]/applications/-wvhttp-01-) is missing - - - 1691453.676 - - - - - - - - - - - - - - - - - - - - - - - - -

Application -wvhttp-01- doesn’t exists , but I’d like to know the ip address of the requester.
I’d like to block bots or scripts that try to scan my server, asking some fake urls.

Why on the log files, if I request something not defined on WSE, my ip address is not traced?
It’s traced only the good requests to the server, never the “bad” requests.

Kind regards,
Dave

Take a look at this post.

Another trick will be to actually create an app from live app called -wvhttp-01- and in java code trace the client’s address.

Thank you,

I was thinking to add the live app and I’ll do it.
But we have others request for “cam” “cam1” … and other names.
I cannot add an app for each name.

If the requests are over HTTP/HTTPS you can perhaps try looking at OS level access logs ?

Do I have to log the firewall?
I know that, using firewalld, I can log only the blocked requests, but not the good requests.
Or is there another way?

Try using something like tcpflow or something to monitor requests on the network interface.