Audit messages for HTTP 404 errors returned by the Gateway are currently built as INFO warning messages. This will result in those messages being lost if the audit message threshold is set to WARNING or SEVERE. This is intentional as a client application could--either maliciously or innocently--generate an excessive quantity of audit records by hammering the Gateway with requests that would result in HTTP 404 errors. HTTP 404 errors are audited at the INFO severity to make them available without a significant increase in verbosity while keeping the audits limited to high-visibility issues.
If setting the audit message threshold to INFO is not desirable, as it does audit significantly more data, then an administrator can leverage the audit.setDetailLevel property to elevate it.
Setting the following cluster-wide properties as follows will capture the request URI or requested service that generated an HTTP 404 from the Gateway and present it as an audit detail:
If these properties are set appropriately then the following audit message (and accompanying audit details) will be visible in the Gateway Audit Event Viewer for an HTTP request inbound to the Gateway that attempts to consume a service that does not exist:
WARNING Message was not processed: Service Not Found. The request may have been sent to an invalid URL, or intended for an unsupported operation. (404)
FINE 3102 No match possible with URI "/fakeservice"
INFO 3005 Service not found
INFO 3017 Policy evaluation for service resulted in status 404 (Service Not Found. The request may have been sent to an invalid URL, or intended for an unsupported operation.)