xss-attack took place in our webapp hosted in Azure. How to find the IP address of the attacker Machine?

Our webapp had a XSS attack today and i work in the monitoring team. My client want to confirm the IP address of the attacker. How to find the IP address of the attacker machine.

Solution

Look for the access logs. Something like the apache access logs. Once you have identified the request, take the corresponding IP address.

Bear in mind and check following:

That the IP address is external and not e.g. of your load balancer.
If the IP belongs to your load balancer, check the logs on your log balancer or check the X-Forwarded-For header value.
Most probably the IP address will not help at all, because if the attacker was not stupid, he used TOR or proxy himself to hide his real IP address. All you will get will be the exit TOR node IP address or proxy address.

Unattended authentication using Azure Active Directory- UserCredential not accepting username and password
The type or namespace name 'Storage' does not exist in the namespace 'Microsoft.WindowsAzure'
Azure Function App - No continuous deployment setting for "Flex Consumption" hosting plan?
Why does my Azure App service have a very slow reponse from an endpoint?
Creating multiple function apps with one Flex Consumption plan
ASP.NET Core Authorization with Microsoft Entra ID
How to get client IP address in Azure Functions C#?
unable to StartCopyFromUriAsync a blob between 2 storage accounts
MSgraph cannot find string in attachment value using Azure Automation
Visual Studio 2022 caches old tenant id, can't get rid of it
Msgraph-sdk-python get sharepoint site id from name
using multiple storage accounts locally using azurite at the same time
Adding Graph API application permission via Terraform shows corrupted IDs instead of scope names
Azure DevOps Wiki page usage analytics
How to fix worker runtime metadata for Azure .net8 isolated worker model functions?
Download attachment content using Microsoft Graph API using Java
Is it possible to assign a Power BI Pro License to an Azure Service Principal? Deploy .bim in PBI Service without Premium Workspace
How to grant permissions to my application to use Microsoft Fabric services?
Copy ARM template from REPO to BLOB task fails "unable to download content"
Azure Devops Pipeline trigger from a different repo does not work
Issue with adding delegated Graph API permission to Enterprise app with Terraform
Azure VM metadata missing / emtpy publicIpAddress
Python: List containers in the Azure Data Lake Storage
azure blob storage account - log file is not generated as per setup
SAS token mismatch on Azure DPS with Azure IoT Edge
Is there a query to run so I can get a list of users who has NOT logged in, in the past 30 days?
How can I set the MQTT keepalive in the Azure IoTHub C SDK?
AzureWebJobsStorage Managed Identity not working
Resource move is not supported for resource types 'microsoft.visualstudio/account'
Invalid configuration value detected for fs.azure.account.key with com.crealytics:spark-excel