Trying to configure the Gateway logs so that they go to a file instead of the dbase.
search cancel

Trying to configure the Gateway logs so that they go to a file instead of the dbase.

book

Article ID: 217990

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

My goal is to collect and configure all the GW logs including the audit logs and need to be sent to ELK (Container Gateway)

  • Think this will be the step
      • Config GW and Audit logs -> NEW Audit sink File instead of DB  -> journalbeat -> logstash -> elasticsearch

So I started with turning off the DB logs and collect them into  file and do not see the file getting created. (same details in the email which I sent on FRIDAY)

The links and the online docs is contradicting.

Working with Log Sinks and Debug Logs

Last Updated June 10, 2021

This topic describes the procedures for common scenarios involving log sinks and debug logs for the 

Layer7 API Gateway

.

Log sinks are not suitable for the Container Gateway. Layer7 recommends using other third-party tools for managing, storing, and aggregating logs. 

I was able to turn off the db logs, when following these instructions.

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/congw-10-0/administer-the-gateway/enriched-logging-in-json-format.html

I changed the system.properties and  I am not seeing any files being created inside the container at /opt/SecureSpan/Gateway/node/default/  under var/log

As you can see in the image the same custom logger is provided in the Audit sink configuration. Am I missing anything else.

 

Environment

Release : 10.0

Component : API GATEWAY

Cause

Need to setup Enriched Logging in JSON Format

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/congw-10-0/administer-the-gateway/enriched-logging-in-json-format.html

To do this in Docker you set the property files

Gateway in a Docker container has more than one why to set the system.properties and ssglog.properties files  

1. Insert the property and value directly in the values.yaml file as a Java argument.
2. Create a derived (customized) Gateway docker image that calls upon the system.properties file that you've modified. Derived images are built using the API Gateway docker base image and can be especially useful if you want to reduce the load time of the Gateway cluster with custom configurations, libraries, and components.
3. Append a system property and its value to the system.properties file with the Bash command line (assuming there aren't any root-user restrictions in place). For example: $ echo 'com.l7tech.common.somesystemproperty=somevalue' >> system.properties

 

Resolution

Configured docker container to log  “Enriched log message in JSON format”

NOTE there are multiple ways to do this for this KB we Docker copied the file files after changing 

  1. Local system created system.properies file 

# Default Gateway system properties

# Configuration properties for shared state extensions.

com.l7tech.server.extension.sharedKeyValueStoreProvider=embeddedhazelcast

com.l7tech.server.extension.sharedCounterProvider=ssgdb

com.l7tech.server.extension.sharedClusterInfoProvider=ssgdb

 

com.l7tech.server.audit.message.saveToInternal=false

com.l7tech.server.audit.admin.saveToInternal=false

com.l7tech.server.audit.system.saveToInternal=false

com.l7tech.server.audit.log.format=json

 

  1. Local system created ssglog.properties file 

handlers = com.l7tech.server.log.GatewayRootLoggingHandler, com.l7tech.server.log.ConsoleMessageSink$L7ConsoleHandler

com.l7tech.server.log.GatewayRootLoggingHandler.formatter = com.l7tech.util.JsonLogFormatter

java.util.logging.SimpleFormatter.format=

com.l7tech.server.log.ConsoleMessageSink$L7ConsoleHandler.formatter = com.l7tech.util.JsonLogFormatter

com.l7tech.server.log.ConsoleMessageSink$L7ConsoleHandler.level = CONFIG

 

With Docker container running used docker copy to replace existing file (NOTE use docker ps to get container id)

 

# docker cp ssglog.properties  77d87e83b0e5:/opt/SecureSpan/Gateway/node/default/etc/conf

# docker cp system.properties  77d87e83b0e5:/opt/SecureSpan/Gateway/node/default/etc/conf

Stopped and restarted docker container 

# docker stop $(docker ps -a -q)

# docker start 77d87e83b0e5

Results in JSON format 

{"package":"com.l7tech.external.assertions.comparison.server.ServerComparisonAssertion","level":"INFO","log":{"message":"7101: Comparison did not match: ${request.url.path} is equal to /auth/oauth/v2/token (case sensitive)"},"time":"2021-06-22T19:38:05.815+0000"}

{"package":"com.l7tech.server.policy.assertion.ServerAuditDetailAssertion","level":"WARNING","log":{"message":"-5: Audit Details [ Policy line: #4 TOTAL before JDBC Time\u003d 45  ]"},"time":"2021-06-22T19:38:05.816+0000"}

Powered by Wolken Software