search cancel

How to configure traffic log to save request response in CA APIM Gateway


Article ID: 113615


Updated On:


STARTER PACK-7 CA Rapid App Security CA API Gateway


The request,  response are not saved by default.
In same cases, it's required to save the request/response for certain purposes, such as debugging, auditing, etc.

There are few ways to save request/response, such as using "Audit Messages in Policy" assertion and select always save request/response, or using "Add Audit Detail" assertion to save ${request.mainpart}/${response.mainpart} ...
For exporting request/response in audit tables, please refer to KB000113701 ( )

Here is an example to configure traffic log sink to save request/response to a log file.


Component: APIGTW


1. Add new log sink for traffic log

<Please see attached file for image>

<Please see attached file for image>

2. Add  trafficlogger.detail cluster wide property to specify the output of traffic log

<Please see attached file for image>

NOTE1: If the ${response.mainpart} is not set due to exception in the service policy, the response body will be empty. ie. the traffic log may not be able to save default/custom error response.
NOTE2: The new log file can be found under folder /opt/SecureSpan/Gateway/node/default/var/logs
NOTE3: The traffic log output can be customized in cluster wide property trafficlogger.detail, the above is just an example,  the format can be changed, or add more context variables.
The output of above setting may look like,
2018-09-12T14:45:46.785+1000 INFO    19912 com.l7tech.traffic: traffic log -- start
request url --
request body --
here is request body
response body --
ok, this is response
traffic log -- end


1559044902608000113615_sktwi1540jw434nkn.png get_app
1559044897951000113615_sktwi1540jw434nkm.png get_app
1559044890141000113615_sktwi1540jw434nkl.png get_app
1558695823315000113615_sktwi1f5rjvs16ian.png get_app
1558695821533000113615_sktwi1f5rjvs16iam.png get_app
1558695819556000113615_sktwi1f5rjvs16ial.png get_app