Layer7 API Management

 View Only
  • 1.  How to send Layer7 Logs to Graylog

    Posted Aug 25, 2017 08:14 AM



    Has anybody experience how to send Layer7 logs to a Graylog server? 

    • Sender component used, for example Filebeat
    • Log format definition
    • How to handle multi-line log entries like Audit Log entries
    • etc


    Thanks for any help, hints


  • 2.  Re: How to send Layer7 Logs to Graylog

    Broadcom Employee
    Posted Nov 23, 2018 02:16 PM
      |   view attached



    We did a very small test in our support lab and found that Graylog will allow several different access points. We tested against using Standard Syslog over UDP or TCP, and GELF (Graylog Extended Log Format) - GELF — Graylog 2.4.6 documentation. The standard syslog can be configured using configuration outlined here (How to Audit to a Remote Syslog - CA API Gateway - 9.3 - CA Technologies Documentation). For the GELF portion, we setup the gateway to use a custom audit sink policy (Working with the Audit Sink Policy - CA API Gateway - 9.3 - CA Technologies Documentation) with the sample policy attached and it will work. 




    Stephen Hughes

    Broadcom Support