Container Gateway Traffic & Logs
search cancel

Container Gateway Traffic & Logs

book

Article ID: 248903

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

We are working on set up Traffic logs for Container Gateway 10.1 but it didnt work so far.

followed the techdocs

Link:  Manage Audit Sinks Log Properties

and also the KB Article: https://knowledge.broadcom.com/external/article?articleId=239290

also tried putting them under javaArgs but that also didn't work.

 

 

Environment

Release : 11.x

Component : API Gateway

Cause

The default values set in values.yaml does not so much as required

Resolution

1. Enriched Logging in JSON Format

Enriched logging in json format

below ,  simple use case to check the results :

remove most of the audit lines to make it simple config:


  heapSize: "2g"
  javaArgs:
    - -Dcom.l7tech.bootstrap.autoTrustSslKey=trustAnchor,TrustedFor.SSL,TrustedFor.SAML_ISSUER
    - -Dcom.l7tech.server.audit.message.saveToInternal=false<============== removed
    - -Dcom.l7tech.server.audit.admin.saveToInternal=false<============== removed
    - -Dcom.l7tech.server.audit.system.saveToInternal=false<============== removed
    - -Dcom.l7tech.server.audit.log.format=json<============== removed
    - -Djava.util.logging.config.file=/opt/SecureSpan/Gateway/node/default/etc/conf/log-override.properties<============== removed
    - -Dcom.l7tech.server.pkix.useDefaultTrustAnchors=true<============== removed
    - -Dcom.l7tech.security.ssl.hostAllowWildcard=true <============== removed
    - -Dcom.l7tech.server.log.console.extraCats=AUDIT,LOG,TRAFFIC
  log:
    override: true <===============changed to false

example how it looks after changes done

config:
  heapSize"2g"
  javaArgs:
    - -Dcom.l7tech.bootstrap.autoTrustSslKey=trustAnchor,TrustedFor.SSL,TrustedFor.SAML_ISSUER
    - -Dcom.l7tech.server.audit.message.saveToInternal=true
    - -Dcom.l7tech.server.audit.admin.saveToInternal=true
    - -Dcom.l7tech.server.audit.system.saveToInternal=true
    #- -Dcom.l7tech.server.audit.log.format=json
    #- -Djava.util.logging.config.file=/opt/SecureSpan/Gateway/node/default/etc/conf/log-override.properties
    - -Dcom.l7tech.server.pkix.useDefaultTrustAnchors=true
    - -Dcom.l7tech.security.ssl.hostAllowWildcard=true
    - -Dcom.l7tech.server.log.console.extraCats=AUDIT,LOG,TRAFFIC
  log:
    overridefalse
    properties: |-
      handlers = com.l7tech.server.log.GatewayRootLoggingHandler, com.l7tech.server.log.ConsoleMessageSink$L7ConsoleHandler
      com.l7tech.server.log.GatewayRootLoggingHandler.formatter = com.l7tech.util.JsonLogFormatter
      java.util.logging.SimpleFormatter.format=
      com.l7tech.server.log.ConsoleMessageSink$L7ConsoleHandler.formatter = com.l7tech.util.JsonLogFormatter
      com.l7tech.server.log.ConsoleMessageSink$L7ConsoleHandler.level = CONFIG