Im running a Azure Webapp with application insight.
I know Microsoft cant show the real IP (Client_IP) so I add the real IP address to all requests (Ip).
I have a visitor client_id="h9zbt" that in the last 24h is using 48 different client_IP adresses.
The same user also has several real IPv6 adresses.
I like to block this IP from my website, but I think this looks so strange.
Is it really the same user?
How is Application insight tracking the User_Id?
Usually application insights is automatically opening a session automatically for each user (look for the ai_session key). Therefore the default user scope would be a session scope.
You can override this behaviour by sending a user context if you have some kind of sign-in. (https://docs.microsoft.com/en-us/azure/application-insights/app-insights-usage-send-user-context)
I find it likely that it's the same user on the same device, just using several IP-addresses, maybe as an unsuccessful attempt to stay anonymous.
User IDs should persist across user sessions to track how users behave over time. There are various approaches for persisting the ID.
A definition of a user that you already have in your service. If the service has access to a browser, it can pass the browser a cookie with an ID in it. The ID will persist for as long as the cookieremains in the user's browser. If necessary, you can use a new ID each session, but the results about users will be limited. For example, you won't be able to see how a user's behavior changes over time.
The ID should be a Guid or another string complex enough to identify each user uniquely. For example, it could be a long random number.
If the ID contains personally identifying information about the user, it is not an appropriate value to send to Application Insights as a user ID. You can send such an ID as an authenticated user ID, but it does not fulfill the user ID requirement for usage scenarios.
mentioned in Azure doc. https://docs.microsoft.com/en-us/azure/application-insights/app-insights-usage-send-user-context
