Trying to configure the Gateway logs so that they go to a file instead of the dbase.
search cancel

Trying to configure the Gateway logs so that they go to a file instead of the dbase.


Article ID: 217990


Updated On:


CA API Gateway


My goal is to collect and configure all the GW logs including the audit logs and need to be sent to ELK (Container Gateway)

  • Think this will be the step
      • Config GW and Audit logs -> NEW Audit sink File instead of DB  -> journalbeat -> logstash -> elasticsearch

So I started with turning off the DB logs and collect them into  file and do not see the file getting created. (same details in the email which I sent on FRIDAY)

The links and the online docs is contradicting.

Working with Log Sinks and Debug Logs

Last Updated June 10, 2021

This topic describes the procedures for common scenarios involving log sinks and debug logs for the 

Layer7 API Gateway


Log sinks are not suitable for the Container Gateway. Layer7 recommends using other third-party tools for managing, storing, and aggregating logs. 

I was able to turn off the db logs, when following these instructions.

I changed the and  I am not seeing any files being created inside the container at /opt/SecureSpan/Gateway/node/default/  under var/log

As you can see in the image the same custom logger is provided in the Audit sink configuration. Am I missing anything else.



Release : 10.0

Component : API GATEWAY


Need to setup Enriched Logging in JSON Format

To do this in Docker you set the property files

Gateway in a Docker container has more than one why to set the and files  

1. Insert the property and value directly in the values.yaml file as a Java argument.
2. Create a derived (customized) Gateway docker image that calls upon the file that you've modified. Derived images are built using the API Gateway docker base image and can be especially useful if you want to reduce the load time of the Gateway cluster with custom configurations, libraries, and components.
3. Append a system property and its value to the file with the Bash command line (assuming there aren't any root-user restrictions in place). For example: $ echo 'com.l7tech.common.somesystemproperty=somevalue' >>



Configured docker container to log  “Enriched log message in JSON format”

NOTE there are multiple ways to do this for this KB we Docker copied the file files after changing 

  1. Local system created system.properies file 

# Default Gateway system properties

# Configuration properties for shared state extensions.










  1. Local system created file 

handlers = com.l7tech.server.log.GatewayRootLoggingHandler, com.l7tech.server.log.ConsoleMessageSink$L7ConsoleHandler

com.l7tech.server.log.GatewayRootLoggingHandler.formatter = com.l7tech.util.JsonLogFormatter


com.l7tech.server.log.ConsoleMessageSink$L7ConsoleHandler.formatter = com.l7tech.util.JsonLogFormatter

com.l7tech.server.log.ConsoleMessageSink$L7ConsoleHandler.level = CONFIG


With Docker container running used docker copy to replace existing file (NOTE use docker ps to get container id)


# docker cp  77d87e83b0e5:/opt/SecureSpan/Gateway/node/default/etc/conf

# docker cp  77d87e83b0e5:/opt/SecureSpan/Gateway/node/default/etc/conf

Stopped and restarted docker container 

# docker stop $(docker ps -a -q)

# docker start 77d87e83b0e5

Results in JSON format 

{"package":"com.l7tech.external.assertions.comparison.server.ServerComparisonAssertion","level":"INFO","log":{"message":"7101: Comparison did not match: ${request.url.path} is equal to /auth/oauth/v2/token (case sensitive)"},"time":"2021-06-22T19:38:05.815+0000"}

{"package":"com.l7tech.server.policy.assertion.ServerAuditDetailAssertion","level":"WARNING","log":{"message":"-5: Audit Details [ Policy line: #4 TOTAL before JDBC Time\u003d 45  ]"},"time":"2021-06-22T19:38:05.816+0000"}