Layer7 API Management

Hi guys I am using Gateway 9.1 & all logs go into our unix server /opt/SecureSpan/Gateway/node/default/var/logs

Can we setup any alert emails for filesystem usage. Can we create any ssg/ping policy/service to check the file system space usage?  

Can we create any script to zip any old say for example 20 days file to save space? 

I'm new to logging in CA Api gateway so it would great if I get some inputs or any pre built policies for above usecases. 

Thanks.

You can create a page that you can curl on that will only show the usage of /opt if you like.

I created one as follows,

1) Goto my gateway ssg/ping page copy the final URL after you choose Gateway1 or Gateway2. 

In my case https://MyGatewayNameHere:8443/ssg/ping/systemInfo?node=Gateway1 

2) Create a policy

A) Route Via Http Assertion

To The Gateway Ping Page:  https://MyGatewayNameHere:8443/ssg/ping/systemInfo?node=Gateway1

With HTTP Credentials:  Valid Policy Manager user For example Admin

 B) Set Context Variable 

MyOutput1 from ${response.mainpart}

C) Evaluate regular expression

Source MyOutput1 

Expression \Q/dev/mapper/vg00-lv_opt\E.+?\Q/opt\E

(Lower right Destination) MyOutputNew

D) Evaluate regular expression

Source MyOutputNew

Expression [0-9][0-9]\Q%\E

(Lower right Destination) MyOutputFinal

E) Return Template Response

Opt is ${MyOutputFinal} Full

* With this framework you can then do whatever enhancements you want to the policy compare expression on MyOutputFinal and if its larger then 80 or 90 send an email whatever.

Then you can create a monitor script to curl this endpoint (cron or Gateway Scheduled job).

Similar you can also create a script to gzip the files and cron or gateway schedule job to archive them. You can also likely use logrotated to zip automatically and control the retention rate. Though the proper way is to just control the gateway logs if possible via the Policy Manager -> Tasks -> Logging and Auditing ->  Manage log sinks -> Choose the log file ssg* and properties -> File Setting and set what you wish. 

Hope this helps charlie.

Charlie.

Thank you Charles_Lilienkamp We are having an Two Gateway Nodes.

This is working for me - https://MyGatewayNameHere:8443/ssg/ping/systemInfo?node=Gateway1

But Gateway2 is not working, it keeps loading loading & nothing is displayed any idea why it is happening?

https://MyGatewayNameHere:8443/ssg/ping/systemInfo?node=Gateway2 

In Gateway1 I can get the data usage but I am not even able to hit Gateway2 url, it loads loads & loads with nothing displayed.

Thanks

first of all, you may want to check if the node name is correct.

you may call /ssg/ping without any node parameters, or you may check from dashboard

Yes I checked it we have 2 gateway nodes.

Gateway1

Gateway2

As said earlier Gateway1 is working fine & shows the data, but Gateway2 doesnt load please see attached image,

FYI

on policy manager, go to tasks -> manage certificates -> import all certificates of 2 gateway nodes, select first 3 options, and set Trust anchor.

without importing gateway certificates, you still can get system info, but only https://<gateway host1>:8443/ssg/ping/systemInfo?node=Gateway1, or https://<gateway host2>:8443/ssg/ping/systemInfo?node=Gateway2 are working.

access gateway1 to get gateway2 node info will fail due to the certificate trust, this can be fixed by importing all the gateway certificates to manage certificates task.

ESM is another option, Configure the Enterprise Service Manager - CA API Gateway - 9.2 - CA Technologies Documentation