Using Software AG API Gateway 10.11
An extract from server.log when the log invocation policy is configured to log locally for each request/response including the native ones-
> 23] Runtime policy: Log Invocation Session Id: 06e1c0ad5a244b5cb44c9c2a45ccaf8d API: TicketsBookingMgmt API Version: 1.0 Invoked at: 3/12/22, 6:15 PM Application Name: Reliance Entertainment Ticket Booking App Application IP Address: 0:0:0:0:0:0:0:1 Application ID: 5495b54b-a86d-48f2-889b-86055859d12b Status: FAILURE Request payload: H4sIAAAAAAAAAKvm5VIAAqXMFCUrBSVzQyUdqEBxTn4JSMhQ18RAIcAXLp6Tn5xYkpmfB5IL8ox0dPGASxUUZSangsTNDAzggsmlRUWpecmVIPFgxyC4eGJZYmZOYlIOWENaYk5xqhIvVy0AhMt7mY8AAAA= Request headers: {"X-API-Timestamp":"2022-02-27T23:00:00","Accept":"*/*","X-API-SystemId":"IMAM","User-Agent":"PostmanRuntime/7.29.0","Connection":"keep-alive","Host":"localhost:5555","Accept-Encoding":"gzip, deflate, br","Authorization":"**************","X-API-ClientCorrelationRef":"73322958-8aec-4c11-9677-bd5d64cf4001","Postman-Token":"d4984433-5718-4006-8ee8-67071ecba21d","X-API-ClientMsgRef":"63322958-8aec-4c11-9677-bd5d64cf4000","Content-Length":"143","Content-Type":"application/json"} Query parameters: {"booking1":"10","booking2":"20"} Response payload: H4sIAAAAAAAAAE2Q3U6DQBCFX+WEa2wBtRd71xZiuEBJrQ+wwpFsCru4u6DG+O4uoSZmkplkfs58M99R8dlw9MroSET7usSD9PyQX6BuzKQ9LVtIDVpr7AbFElDROdlRAI/Sq5lwtLNqiNGaWbW0f+1H0xICd0mywYnvE51HTi9V7wSer0M3OKvmQu8OxlyU7qpu8DGeRlq5cIX69nWtxCj1bJo1fVYDxU6k9+I2RV3FyAO5qKRFmsXIkix4HHtF7VHWQSUR/y2N8RKwQz7nm5x6H65ssR/HXq0LxIm9kjoAFssbArQeFq0VFlfYZSL6+QXuLVaGRwEAAA== Response headers: {"X-API-TransRef":"ad5043c1-c46d-432e-826d-b76aa04e9cc5","X-API-ClientCorrelationRef":"73322958-8aec-4c11-9677-bd5d64cf4001","X-API-ClientMsgRef":"63322958-8aec-4c11-9677-bd5d64cf4000","Content-Type":"application/json"} Operation/Resource Name: /booking Target endpoint: http://localhost:5000/ticketsBookingMgmt/bookingDetMgmt/v1/booking?booking1=10&booking2=20 Partner ID: unknown Correlation ID: APIGW:5d7f43c6-1e2a-4922-adb4-4a21da2e1a4e:2405 Error origin: NATIVE Custom fields: custom fields are empty Native Request Headers: {"X-API-Timestamp":"2022-02-27T23:00:00","Accept":"*/*","X-API-SystemId":"IMAM","User-Agent":"PostmanRuntime/7.29.0","Accept-Encoding":"gzip, deflate, br","X-API-TransRef":"ad5043c1-c46d-432e-826d-b76aa04e9cc5","Authorization":"**************","X-API-ClientCorrelationRef":"73322958-8aec-4c11-9677-bd5d64cf4001","Postman-Token":"d4984433-5718-4006-8ee8-67071ecba21d","X-API-ClientMsgRef":"63322958-8aec-4c11-9677-bd5d64cf4000","Content-Length":"143","Content-Type":"application/json"} Native Request Payload: H4sIAAAAAAAAAKvm5VIAAqXMFCUrBSVzQyUdqEBxTn4JSMhQ18RAIcAXLp6Tn5xYkpmfB5IL8ox0dPGASxUUZSangsTNDAzggsmlRUWpecmVIPFgxyC4eGJZYmZOYlIOWENaYk5xqhIvVy0AhMt7mY8AAAA= Native Response Headers: {"X-API-TransRef":"ad5043c1-c46d-432e-826d-b76aa04e9cc5","X-API-ClientCorrelationRef":"73322958-8aec-4c11-9677-bd5d64cf4001","X-API-ClientMsgRef":"63322958-8aec-4c11-9677-bd5d64cf4000","Content-Type":"application/json"} Native Response Payload: H4sIAAAAAAAAAKvm5VJQUErOT0lVUrBSUHINdtIzMTDQM1DSAUukpBYnF2UWlGTm54HlnfLzszPz0hU8UxRSKzKLS4r1FAJyUhOLUxVKgThRISUzLS21KDWvRCE/L1VPiZerFgBdxdBmYQAAAA== Native HTTP Method: POST Native URL: http://localhost:5000/ticketsBookingMgmt/bookingDetMgmt/v1/booking?booking1=10&booking2=20 External Calls: [{"externalCallType":"NATIVE_SERVICE_CALL","externalURL":"http://localhost:5000/ticketsBookingMgmt/bookingDetMgmt/v1/booking?booking1=10&booking2=20","callStartTime":1647098130403,"callEndTime":1647098131492,"callDuration":1089,"responseCode":"400"}] Source Gateway Node: 192.168.100.12 Server ID: {31}
Is there a grok filter available to break down the logline into the respective fields occurring in the above logline?
I want to apply the filter before the logs are forwarded into Elasticsearch.
Thanks.