How to Disable Audits in the CA API Gateway

book

Article ID: 57563

calendar_today

Updated On:

Products

STARTER PACK-7 CA Rapid App Security CA API Gateway

Issue/Introduction

As of version 9.2 of the CA API Gateway, functionality was added to push audit records to an outside source through the Audit Sink Policy. With this functionality in place, the decision to stop the audits from being written to the local database can be controlled via Policy Manager.

Environment

Component: APIGTW

Resolution

The following instructions should be followed to disable auditing on the CA API Gateway.

  1. Open the CA Policy Manager.
  2. Navigate to Tasks --> Logging and Auditing --> Manage Log/Audit Sinks then click on Manage Audit Sink.
  3. In the Audit Sink Properties window that opens, deselect the Save audit records to Gateway database option and select the Output audit records via audit sink policy option.

    The Configure button on this prompt will allow the internal audit database structure to be pointed to an external database or establish the Audit Sink and Look-up Policies. This will allow the Audit Event Viewer in the Policy Manager to view the records. Enter details per your needs.
  4. Click Finish to save the changes. Once you are out of the Manage Log Sinks prompt, you should see [Internal Audit Lookup Policy] and [Internal Audit Sink Policy] created in your left Policies and Services list if you chose the "Create Custom Audit Sink and Lookup Policy" option. 
  5. Open up the Internal Audit Sink Policy for editing in the Policy Manager.
  6. Disable all of the default assertions in the Audit Sink Policy and add a single Continue Processing assertion to the bottom of the policy.
  7. The above example is useful when a systems administrator wishes that audit record logging be done via simple log files or Syslog.

Additional Information

Attachments