Traffic logs not being send to STOUT
search cancel

Traffic logs not being send to STOUT

book

Article ID: 405729

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

We have traffic logs enabled on our gateway and several log sinks have been created for our application logs.

When using kubectl logs command to view the logs i can see the gateway logs and the application logs but i can't see any traffic logs. Is there a way to enable traffic logs to be written to STOUT so they are all in the same file, which will make it easier to solution our log forwarding solution (to splunk).

Environment

11.1 

Resolution

Below changes had to be made to the log_override_values.yaml file and that helped in pushing the traffic logs to stdout logs of the container .

javaArgs:
-Dcom.l7tech.bootstrap.autoTrustSslKey=trustAnchor,TrustedFor.SSL,TrustedFor.SAML_ISSUER
-Dcom.l7tech.server.audit.message.saveToInternal=false
-Dcom.l7tech.server.audit.admin.saveToInternal=false
-Dcom.l7tech.server.audit.system.saveToInternal=false
-Dcom.l7tech.server.audit.log.format=json
-Djava.util.logging.config.file=/opt/SecureSpan/Gateway/node/default/etc/conf/log-override.properties
-Dcom.l7tech.server.pkix.useDefaultTrustAnchors=true
-Dcom.l7tech.security.ssl.hostAllowWildcard=true
-Dcom.l7tech.server.disableFileLogsinks=false
-Dcom.l7tech.server.log.console.extraCats=AUDIT,LOG,TRAFFIC <<<=== should be here
log:
overridetrue
properties|-
handlers = com.l7tech.server.log.GatewayRootLoggingHandler, com.l7tech.server.log.ConsoleMessageSink$L7ConsoleHandler
com.l7tech.server.log.GatewayRootLoggingHandler.formatter = com.l7tech.util.JsonLogFormatter
java.util.logging.SimpleFormatter.format=
com.l7tech.server.log.ConsoleMessageSink$L7ConsoleHandler.formatter = com.l7tech.util.JsonLogFormatter
com.l7tech.server.log.ConsoleMessageSink$L7ConsoleHandler.level = CONFIG
com.l7tech.server.log.console.extraCats=AUDIT,LOG,TRAFFIC <<== remove from here

Also remove this line from your log-override properties if ot is already existing
handlers = com.l7tech.server.log.GatewayRootLoggingHandler, com.l7tech.server.log.ConsoleMessageSink$L7ConsoleHandler

as per this documentation - https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/congw11-1/administer-the-gateway/enriched-logging-in-json-format.html

and then restart.

Powered by Wolken Software