Layer7 API Management

Hello All,

In order to trail actions about adding/removing a role to an user, for example: user "admin" updated the role "Gateway Maintenance" for the user "user_test".

These informations are present in internal database in the table "audit_main".

How can we get these informations when saving audit in internal database is disabled?

Thanks,

Manil

You should read the part in docops about enterprise logging:

Enterprise Logging and Auditing of Gateway - CA API Gateway - 9.3 - CA Technologies Documentation 

The default ssg log should have all  the audits as well.

/opt/SecureSpan/Gateway/node/default/var/logs/ssg_0_0.log

Thanks for your answer.

These logs don't contain the users who perform the actions.

You could use the default Audit Sink Policy (Working with the Audit Sink Policy - CA API Gateway - 9.3 - CA Technologies Documentation) to offload audits to a database or use a custom Audit Sink Policy to create whatever you like.

Also check the variables available: Audit Sink Context Variables - CA API Gateway - 9.3 - CA Technologies Documentation 

E.g. with a custom Audit Sink Policy and convert the Audit record to xml with Convert Audit Record to XML Assertion (Convert Audit Record to XML Assertion - CA API Gateway - 9.3 - CA Technologies Documentation) a  Audit Detail assertion can be used to create audits in your standard logs or custom logger (and create a Log sink for it). You could even sent it to message queues. You will also be able to filter using policy logic for interesting events