Layer7 API Management

Hi,

We have a requirement to Monitor a Particular kind of error in Audit Logs, consolidate them and send email.
It is like checking the frequency of such errors in a particular timeframe and report it to business.
This should be an automated process.

I could not find any in-built mechanism for such monitoring in CA API Gateway.

1. Is this possible inside CA API Gateway ?
2. Shall we use an external monitoring tool, free or paid, any idea which one is good ?
3. Shall we write a job/service to poll Audit data from Gateway MySQL database, consolidate and send email ?

Please advise.

This is not out of the box on the Gateway. We recommend using a log forwarder to a system like Splunk or Elasticsearch (ELK) for handling this kind of capability. It is certainly possible to write a cron-triggered or service type utility and install it on the Gateway to do this.

------------------------------
Jay MacDonald - Adoption Architect - Broadcom API Management (Layer 7)
------------------------------

Original Message:
Sent: 11-21-2019 07:44 AM
From: Amit Jaiswal
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

Hi,

We have a requirement to Monitor a Particular kind of error in Audit Logs, consolidate them and send email.
It is like checking the frequency of such errors in a particular timeframe and report it to business.
This should be an automated process.

I could not find any in-built mechanism for such monitoring in CA API Gateway.

1. Is this possible inside CA API Gateway ?
2. Shall we use an external monitoring tool, free or paid, any idea which one is good ?
3. Shall we write a job/service to poll Audit data from Gateway MySQL database, consolidate and send email ?

Please advise.

Hi Jay, 

Could you please share any procedural docs on writing longs on Splunk from API Gateway.

Thanks,
Sunil S
Original Message:
Sent: 11-21-2019 01:57 PM
From: Jay MacDonald
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

This is not out of the box on the Gateway. We recommend using a log forwarder to a system like Splunk or Elasticsearch (ELK) for handling this kind of capability. It is certainly possible to write a cron-triggered or service type utility and install it on the Gateway to do this.

------------------------------
Jay MacDonald - Adoption Architect - Broadcom API Management (Layer 7)

Original Message:
Sent: 11-21-2019 07:44 AM
From: Amit Jaiswal
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

Hi,

We have a requirement to Monitor a Particular kind of error in Audit Logs, consolidate them and send email.
It is like checking the frequency of such errors in a particular timeframe and report it to business.
This should be an automated process.

I could not find any in-built mechanism for such monitoring in CA API Gateway.

1. Is this possible inside CA API Gateway ?
2. Shall we use an external monitoring tool, free or paid, any idea which one is good ?
3. Shall we write a job/service to poll Audit data from Gateway MySQL database, consolidate and send email ?

Please advise.

Hi,
Among other things to monitor APi Gateways, we are using plain old "swatch" to parse logs and send emails.
Original Message:
Sent: 11-21-2019 07:44 AM
From: Amit Jaiswal
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

Hi,

We have a requirement to Monitor a Particular kind of error in Audit Logs, consolidate them and send email.
It is like checking the frequency of such errors in a particular timeframe and report it to business.
This should be an automated process.

I could not find any in-built mechanism for such monitoring in CA API Gateway.

1. Is this possible inside CA API Gateway ?
2. Shall we use an external monitoring tool, free or paid, any idea which one is good ?
3. Shall we write a job/service to poll Audit data from Gateway MySQL database, consolidate and send email ?

Please advise.

Hi Phillippe,

Did you write a cron job/service to query swatch and send email  ?
or
Email Alert is out of the box feature with Swatch ?

Because all I could find was that Swatch is a command line tool and we might need a scheduled service to query it .

Please guide.


Regards,
Amit Jaiswal
Original Message:
Sent: 11-25-2019 07:51 AM
From: Philippe Brand
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

Hi,
Among other things to monitor APi Gateways, we are using plain old "swatch" to parse logs and send emails.
Original Message:
Sent: 11-21-2019 07:44 AM
From: Amit Jaiswal
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

Hi,

We have a requirement to Monitor a Particular kind of error in Audit Logs, consolidate them and send email.
It is like checking the frequency of such errors in a particular timeframe and report it to business.
This should be an automated process.

I could not find any in-built mechanism for such monitoring in CA API Gateway.

1. Is this possible inside CA API Gateway ?
2. Shall we use an external monitoring tool, free or paid, any idea which one is good ?
3. Shall we write a job/service to poll Audit data from Gateway MySQL database, consolidate and send email ?

Please advise.

Amit,

swatch is run as a daemon:
Sample configuration file:
# cat /etc/swatch.conf

watchfor /.*SEVERE.*JDBC/
threshold track_by=$1,type=limit,count=1,seconds=60
echo red
mail=ITS_GLOBAL_API@sanofi.com, subject="[GAMS] api-eu-int1.sanofi.com : SEVERE JDBC error found in logfile"

watchfor /com.l7tech.server.admin.AdminLoginImpl/
echo red
mail=ITS_GLOBAL_API@sanofi.com, subject="[GAMS] api-eu-int1.sanofi.com : Authentication from PolicyManager"

watchfor /com.l7tech.server.bundling.EntityBundleImporter/
echo red
mail=ITS_GLOBAL_API@sanofi.com, subject="[GAMS] api-eu-int1.sanofi.com : !! Bundle has been imported !!"

Original Message:
Sent: 12-19-2019 06:38 AM
From: Amit Jaiswal
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

Hi Phillippe,

Did you write a cron job/service to query swatch and send email  ?
or
Email Alert is out of the box feature with Swatch ?

Because all I could find was that Swatch is a command line tool and we might need a scheduled service to query it .

Please guide.


Regards,
Amit Jaiswal
Original Message:
Sent: 11-25-2019 07:51 AM
From: Philippe Brand
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

Hi,
Among other things to monitor APi Gateways, we are using plain old "swatch" to parse logs and send emails.
Original Message:
Sent: 11-21-2019 07:44 AM
From: Amit Jaiswal
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

Hi,

We have a requirement to Monitor a Particular kind of error in Audit Logs, consolidate them and send email.
It is like checking the frequency of such errors in a particular timeframe and report it to business.
This should be an automated process.

I could not find any in-built mechanism for such monitoring in CA API Gateway.

1. Is this possible inside CA API Gateway ?
2. Shall we use an external monitoring tool, free or paid, any idea which one is good ?
3. Shall we write a job/service to poll Audit data from Gateway MySQL database, consolidate and send email ?

Please advise.

If you are looking to do this on 1 specific error and an audit which is written to the local db. You could simply revise a kb (and policy we have) which montiors for the audit message of certificate expiration. You do this in a audit sink policy. 
Here is 1 sample communities post on it.
https://community.broadcom.com/communities/community-home/digestviewer/viewthread?MID=755709
Charlie
Original Message:
Sent: 11-21-2019 07:44 AM
From: Amit Jaiswal
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

Hi,

We have a requirement to Monitor a Particular kind of error in Audit Logs, consolidate them and send email.
It is like checking the frequency of such errors in a particular timeframe and report it to business.
This should be an automated process.

I could not find any in-built mechanism for such monitoring in CA API Gateway.

1. Is this possible inside CA API Gateway ?
2. Shall we use an external monitoring tool, free or paid, any idea which one is good ?
3. Shall we write a job/service to poll Audit data from Gateway MySQL database, consolidate and send email ?

Please advise.

Hi Charles,

Thanks for the response, but we have an external gateway DB.
And, using audit sink means to create another external db which might be a performance impact on the gateway.
Because, gateway would then start writing audits in 2 DBs for every service execution.

What I am thinking is to have a Replica of my gateway DB, which will be in sync with gateway DB.
And I can create a Gateway Service to query this Replica DB, for audit details.
This way, I would not be creating any impact on my gateway DB with my sql queries and I can play with Replica DB.

Kindly let us know your point of view on this,

Regards,
Amit Jaiswal
Original Message:
Sent: 12-18-2019 03:37 PM
From: Charles L
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

If you are looking to do this on 1 specific error and an audit which is written to the local db. You could simply revise a kb (and policy we have) which montiors for the audit message of certificate expiration. You do this in a audit sink policy.
Here is 1 sample communities post on it.
https://community.broadcom.com/communities/community-home/digestviewer/viewthread?MID=755709
Charlie
Original Message:
Sent: 11-21-2019 07:44 AM
From: Amit Jaiswal
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

Hi,

We have a requirement to Monitor a Particular kind of error in Audit Logs, consolidate them and send email.
It is like checking the frequency of such errors in a particular timeframe and report it to business.
This should be an automated process.

I could not find any in-built mechanism for such monitoring in CA API Gateway.

1. Is this possible inside CA API Gateway ?
2. Shall we use an external monitoring tool, free or paid, any idea which one is good ?
3. Shall we write a job/service to poll Audit data from Gateway MySQL database, consolidate and send email ?

Please advise.

Audit sink can execute and not write anything to an external db. You dont have to specify a secondary external database to use an audit sink policy. The default behavior of audit sink is anyhow if it fails to write local (which is your primary external db) controlled by a cluster property.

Charlie.
Original Message:
Sent: 12-19-2019 06:30 AM
From: Amit Jaiswal
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

Hi Charles,

Thanks for the response, but we have an external gateway DB.
And, using audit sink means to create another external db which might be a performance impact on the gateway.
Because, gateway would then start writing audits in 2 DBs for every service execution.

What I am thinking is to have a Replica of my gateway DB, which will be in sync with gateway DB.
And I can create a Gateway Service to query this Replica DB, for audit details.
This way, I would not be creating any impact on my gateway DB with my sql queries and I can play with Replica DB.

Kindly let us know your point of view on this,

Regards,
Amit Jaiswal
Original Message:
Sent: 12-18-2019 03:37 PM
From: Charles L
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

If you are looking to do this on 1 specific error and an audit which is written to the local db. You could simply revise a kb (and policy we have) which montiors for the audit message of certificate expiration. You do this in a audit sink policy.
Here is 1 sample communities post on it.
https://community.broadcom.com/communities/community-home/digestviewer/viewthread?MID=755709
Charlie
Original Message:
Sent: 11-21-2019 07:44 AM
From: Amit Jaiswal
Subject: CA API Gateway Monitoring : Monitor Error Logs & Trigger Alert Email

Hi,

We have a requirement to Monitor a Particular kind of error in Audit Logs, consolidate them and send email.
It is like checking the frequency of such errors in a particular timeframe and report it to business.
This should be an automated process.

I could not find any in-built mechanism for such monitoring in CA API Gateway.

1. Is this possible inside CA API Gateway ?
2. Shall we use an external monitoring tool, free or paid, any idea which one is good ?
3. Shall we write a job/service to poll Audit data from Gateway MySQL database, consolidate and send email ?

Please advise.