How to configure traffic log to save request response in CA APIM Gateway
Article ID: 113615
Updated On:
Products
STARTER PACK-7
CA Rapid App Security
CA API Gateway
Issue/Introduction
The request, response are not saved by default.
In same cases, it's required to save the request/response for certain purposes, such as debugging, auditing, etc.
There are few ways to save request/response, such as using "Audit Messages in Policy" assertion and select always save request/response, or using "Add Audit Detail" assertion to save ${request.mainpart}/${response.mainpart} ...
For exporting request/response in audit tables, please refer to KB000113701 ( https://knowledge.broadcom.com/external/article?articleId=113701 )
Here is an example to configure traffic log sink to save request/response to a log file.
In same cases, it's required to save the request/response for certain purposes, such as debugging, auditing, etc.
There are few ways to save request/response, such as using "Audit Messages in Policy" assertion and select always save request/response, or using "Add Audit Detail" assertion to save ${request.mainpart}/${response.mainpart} ...
For exporting request/response in audit tables, please refer to KB000113701 ( https://knowledge.broadcom.com/external/article?articleId=113701 )
Here is an example to configure traffic log sink to save request/response to a log file.
Environment
Release:
Component: APIGTW
Component: APIGTW
Resolution
1. Add new log sink for traffic log
2. Add trafficlogger.detail cluster wide property to specify the output of traffic log
NOTE1: If the ${response.mainpart} is not set due to exception in the service policy, the response body will be empty. ie. the traffic log may not be able to save default/custom error response.
NOTE2: The new log file can be found under folder /opt/SecureSpan/Gateway/node/default/var/logs
NOTE3: The traffic log output can be customized in cluster wide property trafficlogger.detail, the above is just an example, the format can be changed, or add more context variables.
The output of above setting may look like,
2018-09-12T14:45:46.785+1000 INFO 19912 com.l7tech.traffic: traffic log -- start
request url --
http://markgw93:8080/testonly
request body --
here is request body
response body --
ok, this is response
traffic log -- end
<Please see attached file for image>
<Please see attached file for image>
2. Add trafficlogger.detail cluster wide property to specify the output of traffic log
<Please see attached file for image>
NOTE1: If the ${response.mainpart} is not set due to exception in the service policy, the response body will be empty. ie. the traffic log may not be able to save default/custom error response.
NOTE2: The new log file can be found under folder /opt/SecureSpan/Gateway/node/default/var/logs
NOTE3: The traffic log output can be customized in cluster wide property trafficlogger.detail, the above is just an example, the format can be changed, or add more context variables.
The output of above setting may look like,
2018-09-12T14:45:46.785+1000 INFO 19912 com.l7tech.traffic: traffic log -- start
request url --
http://markgw93:8080/testonly
request body --
here is request body
response body --
ok, this is response
traffic log -- end
Attachments
Feedback
Yes
No
Powered by
