Layer7 API Management

  • 1.  Using Audit Message Filter (AMF) for filtering Audit Messages

    Posted Nov 27, 2018 01:31 AM

    I am using Audit Message Filter (AMF) to remove sensitive data acroos policies.

    Iam using Apply XSL Transformation Assertion in AMF to mask passwords from request payload before auditing and

    this is working as expected.

     

    With my policies, i am also having Audit Detail Assertions which logs some sensitive information as audit messages.

    I am not able to mask passwords from these messages, I tried using Evalutate Regular Expression Assertion and Apply XSL Transformation Assertion in AMF. 

     

    Is it right way to mask senstive information from audit messages using AMF ? And i am not able to use audit context variables like audit.request in AMF



  • 2.  Re: Using Audit Message Filter (AMF) for filtering Audit Messages
    Best Answer

    Broadcom Employee
    Posted Nov 27, 2018 06:27 PM

    Dear travinder12 ,

    "The AMF policy will be executed for each request/response that will be audited."

    ie. It only work on request/response messages, it won't work on the content in Audit Detail Assertions .

    You may change the Audit Detail assertion to only log the info which is not sensitive.

     

    For more details about AMF, you may refer to,

    Internal Use Policies - CA API Gateway - 9.4 - CA Technologies Documentation 

     

    Regards,

    Mark



  • 3.  Re: Using Audit Message Filter (AMF) for filtering Audit Messages

    Posted Dec 02, 2018 09:00 AM

    Thanks Mark  for your response , we got quite number of Audit detail assertions across services, was looking  easy one place to configuration to filter all the Audit detail assertions.