Layer7 API Management

Expand all | Collapse all

Supress Server Updated audits

Jump to Best Answer
  • 1.  Supress Server Updated audits

    Posted 02-15-2017 04:33 PM

    When we deploy policies with the GMU we get a lot of Server Updated messages in the auditlog. We want to exclude this kind of audit records because it fills the database without usefull information. Is it possible to exclude these messages (without a code number)?

     

    Example

    Node : vws-dca-wsgt-01.mst.mhsrijk.nl
    Time : 20170215 22:07:30.644
    Severity : FINE
    Message : Server Updated
    Audit Record ID: 299f6f0655d71aeba026e2cab62c47bd

    Event Type : System Message
    Node IP : 10.136.107.10
    Action : Updated
    Component : SecureSpan Gateway: Server
    Entity name : Server



  • 2.  Re: Supress Server Updated audits

    Posted 04-21-2017 06:00 PM

    Good afternoon,

     

    From reviewing your post it appears that the audit levels are set very low level. Please check the cluster wide properties for audit levels, log.levels, and the log settings in Manage Audit and Log section to ensure none are set low. Default for most is warning.

     

    Sincerely,

     

    Stephen Hughes

    Director, CA Support



  • 3.  Re: Supress Server Updated audits

    Posted 04-23-2017 02:59 AM

    Hi Stephen,

     

    Thank you for responding. I get these audit messages with the default configuration. Even when I change the audit.adminThreshold, audit.detailThreshold and log.stdoutlevel to WARNING it is logged in the audit database. Maybe there is some hidden feature to disable these messages or a good reason to get these messages in the first place?

     

    With regards,

     

    Edward



  • 4.  Re: Supress Server Updated audits
    Best Answer

    Posted 04-24-2017 02:45 PM

    Edward,

     

    I've investigated this further and found that these messages are not configurable as noted in the documentation  Gateway Auditing Threshold and Format - CA API Gateway - 9.2 - CA Technologies Documentation  as the System Messages. I would suggest that you open an idea through the community as to how you would like to see this changed.

     

    Sincerely,

     

    Stephen Hughes

    Director, CA Support



  • 5.  Re: Supress Server Updated audits

    Posted 04-24-2017 03:15 PM

    Thank you Stephen, I created an idea for configurable system audit events,

     

     Make system audit events configurable