Can we audit users who access the spectrum RESTFUL API
search cancel

Can we audit users who access the spectrum RESTFUL API

book

Article ID: 276905

calendar_today

Updated On:

Products

CA Spectrum

Issue/Introduction

Trying to find out where I can track users specifically making API calls.

Issue is we have to move our oneClick servers and need to be able to make sure we account for everyone.

Environment

Spectrum : All Supported Versions

Cause

Need to track users who access the API for security or other purposes.

Resolution

When anyone accesses the rest API in spectrum it is logged in

/usr/Spectrum/tomcat/logs/localhost_access_log..DATE.txt   (yes, it has 2 ..)

 

Here we see user named rich

The first call failed due to typo in devcies (400)

The second call was successful (200)

 

localhost_access_log..2023-12-07.txt:- rich [07/Dec/2023:20:49:16 +0000] GET /spectrum/restful/devcies HTTP/1.1 404 - 5

localhost_access_log..2023-12-07.txt:- rich [07/Dec/2023:20:49:46 +0000] GET /spectrum/restful/devices HTTP/1.1 200 6020 8

Additional Information

You can add more columns like remote ip, etc by following these directions:

https://tomcat.apache.org/tomcat-8.0-doc/config/valve.html

/usr/Spectrum/tomcat/conf/server.xml

 

This line:

<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt" pattern="%l %u %t %r %s %b %D" resolveHosts="false"></Valve>

Powered by Wolken Software