Layer7 API Management

Hi Team,

We are planning to use external DB for auditing purpose.Can anyone suggested the process to go further?CA supports only mysql.But we have planned to use other one.If anyone shared the document related to that.It should be helpful to us.

Regards,

Vinod.

Vinod,

Good morning if you are looking to use external audits through the audit sink policy, the gateway supports DB2, MySQL, Oracle, and MS SQL. (Managing Audit Sinks - CA API Gateway - 9.3 - CA Technologies Documentation ) Also you can use the custom audit sink policy that can be tailored to push the audits to any type of endpoint that the gateway supports like HTTP, FTP, JDBC, JMS/MQ, etc.

Sincerely,

Stephen Hughes

Broadcom Support

Hi Hughes,

Thanks for your quick reply.

It's for Software Gateway Version 9.2.

We have created Azure MySQL DB. For gateway audit's,while doing JDBC Configurations we are getting the below exception. PFB Screenshot for your reference. 

Below properties have been added in the system.properties file. As per KB article below properties has been added.(

https://communities.ca.com/thread/241777750-ca-api-gateway-92-fails-to-support-oraclejdbcdriveroracledriver-class-oracle-jdbc-driver)

com.l7tech.server.jdbcDriver=com.mysql.jdbc.Driver\ncom.l7tech.jdbc.mysql.MySQLDriver\ncom.l7tech.jdbc.db2.DB2Driver\ncom.l7tech.jdbc.oracle.OracleDriver\ncom.l7tech.jdbc.sqlserver.SQLServerDriver\noracle.jdbc.OracleDriver

Regards,

Vinod

Vinod,

I've attached the document that outlines how to setup JDBC over SSL/TLS. This has not been formally tested but setup by one of our service team members.

Sincerely,

Stephen Hughes

Broadcom Support

Hi Hughes,

Trying to access the URL getting attached exception.Please help out here.

Hughes,

After made few changes,getting below exception.

Thanks for your prompt response!

Hi Hughes,

Now Getting new exception after patch upgradation of software gateway in V9.2 to connect to the Azure MySQL DB externally to save the logs. PFB Screenshot for your reference.

Hope will get quick reply..

Thanks!

Good afternoon,

There has been in an internal discussion around another customer ask for Azure MySQL DB. 

Excerpt from the conversation:

MySQL on Azure has a email format for the user name which our Gateway didn't allow. 

Check out the following : 

https://docops.ca.com/ca-api-gateway/9-3/en/release-notes-9-3/known-issues#KnownIssues-GatewayDoesNotConnecttoAzureMySQLDatabase(fixedin9.3CR4)

Sincerely,

Stephen Hughes

Broadcom Support

When you use the audit sink policy, it can greatly increase the latency.
The audit sink is blocking and we have had big latency problems with it.We were unaware of this because we calculated our latency before going to the logsink, but got complaints from clients connecting to us, bringing the issue to light.

The logsink policy was increasing latency by 90ms versus using the internal audit database. We see latencys in a policy with only a return-template response of 8ms without audit-sink-policy, and up to 100ms when sending logging to a backend sink policy. The more detail audit loglines inside a policy, the worse this was getting.

We since switched to a different approach using the accumulate data in memory assertion in the logsink policy, which does work fast. We read from the buffer in a scheduled task at another location.

If my memory is correct, since gateway 8.2, the logging and policy execution should be async, so, what's the version of your gateway?

We use gateway 9.2, when using the audit sink policy we have this problem. Using plain logsinks / traffic log, this problem is probably not there.