How to tell if Trace is left active on my CA API Gateway Services

Article Id: 108031
Status: Published
Updated On: 26-07-2018 19:21
Products:
STARTER PACK-7 CA Rapid App Security CA API Gateway CA API Gateway
Issue/Introduction:

The purpose of this document is to help identify CA API Gateway Services that have Trace turned on and alert about them to users using an email alert.

From time to time we turn trace on to get more detailed messages as we troubleshoot a problem with the CA API Gateway.

That trace generates a lot of Audit messages and if left on can cause the Audit tables to grow too fast causing the CA API Gateway IDBATA file (MYSQL) to grow until we are running out of disk space or room to create new Audits.

It is important to make sure Trace is turned off after the testing/troubleshooting are done.

But when having hundreds of services on the Gateway, how can we tell which one got Trace turned on?

Environment:

Release:
Component: APIGTW

Resolution:

In order for us to identify which CA API Gateway Services have their trace turned on, we can utilize a simple SQL Query against the CA API Gateway MYSQL DB.

The below steps will illustrate how such can be done.

1. Create a JDBC Connection to the CA API Gateway MYSQL DB:
1.1 Open the Policy Manager and navigate to the 'Tasks' --> 'data Sources' --> Manage JDBC Connections'

<Please see attached file for image>

Get to JDBC Settings

1.2 Create a new JDBC Connection to your CA API Gateway MYSQL DB:

<Please see attached file for image>

Create the needed JDBC Connection

2. Create a new Policy with type: Policy-Backed Service Operation Policy Fragment

<Please see attached file for image>

Create the needed Policy

3. Add the below rules in your policy:

<Please see attached file for image>

The Policy we create

3.1 Create the 'Perform JDBC Query' based on the JDBC Connection you created in Step 1:

<Please see attached file for image>

JDBC Query in play

3.2 Create a condition to continue if at least one service was found with trace on.

<Please see attached file for image>

Condition To Verify

3.3 Create the needed Email Alert settings:

<Please see attached file for image>

Email Alert Setting

3.4 Save and Activate your policy.


4. Create a new scheduled task/job to be run with the policy created.

4.1 Go to 'Tasks' --> 'Global Settings' --> 'Manage Scheduled Tasks'

<Please see attached file for image>

Go to Scheudled Tasks TAB

4.2 Add the needed task.

<Please see attached file for image>

Create the needed scheduled task

Once an email will be generated and sent out, the needed Policy Manager users/admins can quickly locate the services in play and turn the trace off.

insert_drive_file 1558698764374000108031_sktwi1f5rjvs16jgi.png
arrow_downward Download
insert_drive_file 1558698762337000108031_sktwi1f5rjvs16jgh.png
arrow_downward Download
insert_drive_file 1558698760510000108031_sktwi1f5rjvs16jgg.png
arrow_downward Download
insert_drive_file 1558698758772000108031_sktwi1f5rjvs16jgf.png
arrow_downward Download
insert_drive_file 1558698756884000108031_sktwi1f5rjvs16jge.png
arrow_downward Download
insert_drive_file 1558698755225000108031_sktwi1f5rjvs16jgd.png
arrow_downward Download
insert_drive_file 1558698753561000108031_sktwi1f5rjvs16jgc.png
arrow_downward Download
insert_drive_file 1558698751685000108031_sktwi1f5rjvs16jgb.png
arrow_downward Download
insert_drive_file 1558698749618000108031_sktwi1f5rjvs16jga.png
arrow_downward Download