Layer7 API Gateway: Viewing container logs in policy manager


Article ID: 125745


Updated On:


STARTER PACK-7 CA Rapid App Security CA API Gateway


When using the Gateway docker image using the 'View Logs' option in policy manager will generate an error similar to the below:

"Uncaught exception in thread 'pool-X-thread-1' [Id:XXX]"

Where the ID and POOL may differ in your environment.


As noted in the documentation there are some key differences between the different Gateway form factors.
Specifically, for the docker image:

* All Gateway logs go to stdout. 
* Use the platform to manage captured logs 
* Stock bash command logging. 
* See "Working with Logs in Docker" and "Working with Logs in OpenShift". 

Due to the logging going directly to stdout , the normal sink logs do not work. 
The output to the log is discarded as noted when viewing it in the container:

lrwxrwxrwx. 1 root root 9 Dec 24 08:09 /opt/SecureSpan/Gateway/node/default/var/logs/ssg_0_0.log -> /dev/null 



Component: API Gateway


There may be cases where viewing the logs in policy manager is necessary, such as when the container is hosted on a system with limited access and using the platform to capture logs is not feasible.

You can follow the below steps to avoid having the error dialog appear and view logs from the Policy manager.

1) Edit the YAML file used to start the container

Under the "environment:" section add the following. If this already exists, simply append it to the existing line
 separating each item with a space.

EXTRA_JAVA_ARGS: "-Dcom.l7tech.server.disableFileLogsinks=false"

stop and restart the container.

2) Login to policy manager and navigate to TASKS -> LOGS AND AUDITING -> MANAGE LOG/AUDIT SINKS
3) Click the create button 
4) Name the log sink and set the type to FILE. Adjust the severity threshold and file settings according to your needs