CA API Gateway (Layer 7)SA94 to API SECURITYSTARTER PACK-7CA Rapid App SecurityMOBILE API GATEWAYCA Mobile - API GatewayCA API Gateway
Issue/Introduction
When applying a Rate Limit Assertion (throttle option), the documentation suggests that an Audit will be logged. In the audit logs for this gateway node, I'm not seeing any audits being logged for Rate Limiting when the appropriate limit is being triggered. How do I configure the Rate Limit Assertion to properly log when the assertion is triggered?
Environment
Release: Component: APIGTW
Resolution
Configure the following audit related cluster-wide property: audit.setDetailLevel.WARNING https://docops.ca.com/ca-api-gateway/9-3/en/reference/gateway-cluster-properties/audit-cluster-properties And add the audit code 6950. This raises the audit level to Warning and at that point it should appear in the logs when the Rate Limit Assertion is triggered.
Additional Information
The reason this is required is because though the Apply Rate Limit Assertion does in fact log the event (6950), it is logged as INFO by default. As such, you won't be see the logs appear. Adding the audit code 6950 to the audit.setDetailLevel.WARNING cluster wide property raises the event to the WARNING level and is thus logged when triggered.