Topic: Modsecurity log file_IIS, no orginating Ip address ?

[Menaka]

Note: Splitted

Mod Security log file for Apache had entry as below,
[31/Jul/2013:12:40:31 +0530] Ud5aZwrlJ-IAACLIBEYAAAA6 10.229.39.203 62453 10.229.39.242 80

Wherein mod Security log file for IIS had entry as below,
[31/Jul/2013:17:43:15 +0530] 18230571293743251550 80 127.0.0.1 80

Modsecurity log file_IIS version doesn't have the request's source address.(10.229.39.203)
I have hosted my application on localhost which has ip:10.229.39.242
Can someone clarify why am I not getting the Ip address from which the request originated? and What should I do to get the details

[James Blond]

Since the topic is splitted we need more details. Is ISS in front of Apache?

[Menaka]

IIS is running separately

[James Blond]

So I assume you putted apache with mod sec in front of the IIS or how does mod sec protect your IIS?

[Menaka]

I have integrated mod security with IIS separately..nothin to do with Apache.