HTTP_header for Apache can be configured with regular WebAgent using below LogFormat.
[httpd.conf]
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{name}i\" \"%{SM_USER}i\" " common (name is header name)
[access.log]
##.##.##.## - MyUser [24/Sep/2020:10:52:05 +0900] "GET /index.html HTTP/1.1" 200 45 "-" "MyUser" "MyUser"
However, using the same approach for Access Gateway with same LogFormat:
[httpd.conf]
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{name}i\" \"%{SM_USER}i\" " common
username doesn't get logged in Apache:
[access.log]
##.##.##.## - - [24/Sep/2020:11:18:16 +0900] "GET /favicon.ico HTTP/1.1" 302 160 "http://XXXXXXX:9000/xxxxxxxx/index.html" "-" "-"
Release : 12.8
Component : SITEMINDER -WEB AGENT FOR APACHE
Different architecture when Access Gateway is used instead of web agent
It's not possible to get user ID in Apache access log in this case, because the SiteMinder agent is inside tomcat.
When the request is passing through Apache, SM_USER is not set yet.