Can we audit users who access the spectrum RESTFUL API
search cancel

Can we audit users who access the spectrum RESTFUL API


Article ID: 276905


Updated On:


CA Spectrum


Trying to find out where I can track users specifically making API calls.

Issue is we have to move our oneClick servers and need to be able to make sure we account for everyone.


Spectrum : All Supported Versions


Need to track users who access the API for security or other purposes.


When anyone accesses the rest API in spectrum it is logged in

/usr/Spectrum/tomcat/logs/localhost_access_log..DATE.txt   (yes, it has 2 ..)


Here we see user named rich

The first call failed due to typo in devcies (400)

The second call was successful (200)


localhost_access_log..2023-12-07.txt:- rich [07/Dec/2023:20:49:16 +0000] GET /spectrum/restful/devcies HTTP/1.1 404 - 5

localhost_access_log..2023-12-07.txt:- rich [07/Dec/2023:20:49:46 +0000] GET /spectrum/restful/devices HTTP/1.1 200 6020 8

Additional Information

You can add more columns like remote ip, etc by following these directions:



This line:

<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt" pattern="%l %u %t %r %s %b %D" resolveHosts="false"></Valve>