Layer7 API Management

Expand all | Collapse all

How to exclude given Service audit logs from internal audit logs

  • 1.  How to exclude given Service audit logs from internal audit logs

    Posted 02-14-2018 10:54 AM

    Hi All,

    I have a load balancer keealive dedicated service as advised by product documentation (Configuring the Load Balancer - CA API Gateway - 8.4 - CA Technologies Documentation ).

     

    Because we are offloading audit logs from internal gateway database to an external Database we also have an Internal Audit Sink Policy (Working with the Audit Sink Policy - CA API Gateway - 8.4 - CA Technologies Documentation)

    The auto generated Audit Sink Policy include by default all the node policies audit logs including the keepalive policy audit logs.

    This generate a lot of noise and useless log entries in our audit logs database.

    I have tried filtering audit logs stored in the audit logs database using the ${audit.serviceOid} global variable but this does not work (this prevents keepalive service to be logs but also all the other services audit logs !)

     

    Anyone as already done something like that ?

    Regards,



  • 2.  Re: How to exclude given Service audit logs from internal audit logs

    Posted 12-07-2018 08:29 PM
      |   view attached

    Good evening,

     

    I've put together an adapted custom Audit Sink Policy that will validate all audits and when the health check service is hit the audit will be excluded from the database. To adapt it for your environment, just modify the compare assertion to represent the serviceOID that is for your service.

     

    Sincerely,


    Stephen Hughes
    Broadcom Support