CA API Portal EE 4.2.x logging to Syslog


Article ID: 103370


Updated On:


CA API Developer Portal CA API Gateway


The CA API Portal EE 4.2.x is Docker affiliated and thus its logging is based on the Docker configuration.
By default when using the CA API Portal EE 4.2.x OVA, the Docker service is configured to write its data into the OS journal log.


Release: 4.X
Component: APIPRD


To configure the CA API Portal EE 4.2.x to write its Docker events to a remote Syslog Server such as SPLUNK, one can follow the below example:

Edit the /etc/docker/daemon.json file.

The default file when using the CA API Portal EE 4.2.x is as below:

Now update that file to direct the Docker events to your remote Syslog Server, for example:

Update your firewall rules to allow communication via the syslog port you configured:

- First locate the correct zone on which your firewall is configured for:

./firewall-cmd --get-active-zones

In this example we update the 'drop' zone and the configuration is as follows:

./firewall-cmd --zone=drop --add-port=8089/tcp --permanent
./firewall-cmd --reload

Now, restart the Docker service by running:

./sudo systemctl restart docker

And verify that your remote Syslog Server is showing the Docker events.