Enabling API audit traffic logging - PingAccess - 7.0

PingAccess

bundle
pingaccess-70
ft:publication_title
PingAccess
Product_Version_ce
PingAccess 7.0
category
Product
pa-70
pingaccess
ContentType_ce

Enable API audit logging including request and responses.

  1. Edit the <PA_HOME>/conf/log4j2.xml file.
  2. In the Logger section, uncomment the AppenderRef element for the API audit log HAR file.
           <!-- Audit Log Configuration-->
            <Logger name="apiaudit" level="INFO" additivity="false">
                <AppenderRef ref="APIAuditLog-File"/>
                <!--<AppenderRef ref="ApiAuditLog-Database-Failover"/>-->
                <!--<AppenderRef ref="ApiAuditLog-SQLServer-Database-Failover"/>-->
                <!--<AppenderRef ref="ApiAuditLog-PostgreSQL"/>-->
                <!--<AppenderRef ref="ApiAudit2Splunk"/>-->
                <AppenderRef ref="ApiAuditLog-HarFile"/>
            </Logger>
  3. In the Appenders section, uncomment the RollingFile
        <Appenders>
            ...
            <RollingFile name="ApiAuditLog-HarFile"
                                fileName="${sys:pa.home}/log/pingaccess_api_audit_har.log"
                                filePattern="${sys:pa.home}/log/pingaccess_api_audit_har.%d{yyyy-MM-dd}.log"
                                ignoreExceptions="false"> 
                <StatusCodeRegExFilter regex=".*"/>
                <HarLogLayout>
                    <KeyValuePair key="AUDIT.metadata" value="true"/>
                    <KeyValuePair key="AUDIT.http-client" value="true"/>
                </HarLogLayout>
                <Policies>
                    <TimeBasedTriggeringPolicy />
                </Policies>
            </RollingFile>
    
  4. Optional: To filter the entries to add to the log file, edit the value in the StatusCodeRegExFilter element.
  5. Optional: To specify what information to log, edd or edit the values in the HarLogLayout section of the RollingFile element.

    You can add or edit metadata and client response values. See Traffic logging reference for more information.

Logging begins when the configuration is reloaded. The configuration is reloaded at regular intervals according to the monitorInterval value.