Log sink does not look for dns change

book

Article ID: 106973

calendar_today

Updated On:

Products

CA API Gateway (Layer 7) SA94 to API SECURITY STARTER PACK-7 CA Rapid App Security MOBILE API GATEWAY CA Mobile - API Gateway CA API Gateway

Issue/Introduction

The Log sink has been set to push audit logs to a syslog server. The hostname of the syslog server has been used in the configuration. 
The following procedure was used.
https://docops.ca.com/ca-api-gateway/9-1/en/configure-security/tasks-menu-security-options/manage-log-audit-sinks/how-to-audit-to-a-remote-syslog

Use Case/Problem:  The ip address of the syslog server changed and the dns was updated. The gateway still sends the syslog to the old ip address. 

Cause

Checking the name resolution before sending the log message is a huge task. This would mean, that before sending every log message, there should be a check on the name resolution. This would put a heavy load on the network as there may be several logs sent every second. By default even syslog is set as UDP. 

Environment

Release:
Component: APIGTW

Resolution

Gateway is working as designed. The gateway does not check for ip address change every time there it sends out a syslog. The gateway service has to be restarted for the dns to be checked.