Hello,
We've communication coming from the internet to a reverse-proxy (fortigate firewall) and the traffic is forwarded to an IIS server. When the traffic is presented to the IIS server, the source IP is the reverse proxy IP.
So we would like to understand how we should join the two event to know the exactly public IP accessing the server.
#QRadar#Support#SupportMigration