Log sink does not look for dns change
search cancel

Log sink does not look for dns change

book

Article ID: 106973

calendar_today

Updated On:

Products

STARTER PACK-7 CA Rapid App Security CA API Gateway

Issue/Introduction

The Log sink has been set to push audit logs to a syslog server. The hostname of the Syslog server has been used in the configuration as stated in the document:

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/11-0/security-configuration-in-policy-manager/tasks-menu-security-options/manage-log-audit-sinks/how-to-audit-to-a-remote-syslog.html

If there is a change in the IP address of the Syslog server, the Gateway fails to pick up the new address.

Environment

Release:
Component: APIGTW

Cause

Checking the name resolution before sending the log message is a huge task. This would mean, that before sending every log message, there should be a check on the name resolution. This would put a heavy load on the network as there may be several logs sent every second. By default even syslog is set as UDP. 

Resolution

The gateway is working as designed. The gateway does not check for IP address change every time it sends out a syslog. The gateway service has to be restarted for the DNS to be checked. 

Powered by Wolken Software