Is there a grok filter available to filter the logs logged locally for API Gateway?

Using Software AG API Gateway 10.11

An extract from server.log when the log invocation policy is configured to log locally for each request/response including the native ones-

> 23] Runtime policy: Log Invocation Session Id: 06e1c0ad5a244b5cb44c9c2a45ccaf8d API: TicketsBookingMgmt API Version: 1.0 Invoked at: 3/12/22, 6:15 PM Application Name: Reliance Entertainment Ticket Booking App Application IP Address: 0:0:0:0:0:0:0:1 Application ID: 5495b54b-a86d-48f2-889b-86055859d12b Status: FAILURE Request payload: H4sIAAAAAAAAAKvm5VIAAqXMFCUrBSVzQyUdqEBxTn4JSMhQ18RAIcAXLp6Tn5xYkpmfB5IL8ox0dPGASxUUZSangsTNDAzggsmlRUWpecmVIPFgxyC4eGJZYmZOYlIOWENaYk5xqhIvVy0AhMt7mY8AAAA= Request headers: {"X-API-Timestamp":"2022-02-27T23:00:00","Accept":"*/*","X-API-SystemId":"IMAM","User-Agent":"PostmanRuntime/7.29.0","Connection":"keep-alive","Host":"localhost:5555","Accept-Encoding":"gzip, deflate, br","Authorization":"**************","X-API-ClientCorrelationRef":"73322958-8aec-4c11-9677-bd5d64cf4001","Postman-Token":"d4984433-5718-4006-8ee8-67071ecba21d","X-API-ClientMsgRef":"63322958-8aec-4c11-9677-bd5d64cf4000","Content-Length":"143","Content-Type":"application/json"} Query parameters: {"booking1":"10","booking2":"20"} Response payload: H4sIAAAAAAAAAE2Q3U6DQBCFX+WEa2wBtRd71xZiuEBJrQ+wwpFsCru4u6DG+O4uoSZmkplkfs58M99R8dlw9MroSET7usSD9PyQX6BuzKQ9LVtIDVpr7AbFElDROdlRAI/Sq5lwtLNqiNGaWbW0f+1H0xICd0mywYnvE51HTi9V7wSer0M3OKvmQu8OxlyU7qpu8DGeRlq5cIX69nWtxCj1bJo1fVYDxU6k9+I2RV3FyAO5qKRFmsXIkix4HHtF7VHWQSUR/y2N8RKwQz7nm5x6H65ssR/HXq0LxIm9kjoAFssbArQeFq0VFlfYZSL6+QXuLVaGRwEAAA== Response headers: {"X-API-TransRef":"ad5043c1-c46d-432e-826d-b76aa04e9cc5","X-API-ClientCorrelationRef":"73322958-8aec-4c11-9677-bd5d64cf4001","X-API-ClientMsgRef":"63322958-8aec-4c11-9677-bd5d64cf4000","Content-Type":"application/json"} Operation/Resource Name: /booking Target endpoint: http://localhost:5000/ticketsBookingMgmt/bookingDetMgmt/v1/booking?booking1=10&booking2=20 Partner ID: unknown Correlation ID: APIGW:5d7f43c6-1e2a-4922-adb4-4a21da2e1a4e:2405 Error origin: NATIVE Custom fields: custom fields are empty Native Request Headers: {"X-API-Timestamp":"2022-02-27T23:00:00","Accept":"*/*","X-API-SystemId":"IMAM","User-Agent":"PostmanRuntime/7.29.0","Accept-Encoding":"gzip, deflate, br","X-API-TransRef":"ad5043c1-c46d-432e-826d-b76aa04e9cc5","Authorization":"**************","X-API-ClientCorrelationRef":"73322958-8aec-4c11-9677-bd5d64cf4001","Postman-Token":"d4984433-5718-4006-8ee8-67071ecba21d","X-API-ClientMsgRef":"63322958-8aec-4c11-9677-bd5d64cf4000","Content-Length":"143","Content-Type":"application/json"} Native Request Payload: H4sIAAAAAAAAAKvm5VIAAqXMFCUrBSVzQyUdqEBxTn4JSMhQ18RAIcAXLp6Tn5xYkpmfB5IL8ox0dPGASxUUZSangsTNDAzggsmlRUWpecmVIPFgxyC4eGJZYmZOYlIOWENaYk5xqhIvVy0AhMt7mY8AAAA= Native Response Headers: {"X-API-TransRef":"ad5043c1-c46d-432e-826d-b76aa04e9cc5","X-API-ClientCorrelationRef":"73322958-8aec-4c11-9677-bd5d64cf4001","X-API-ClientMsgRef":"63322958-8aec-4c11-9677-bd5d64cf4000","Content-Type":"application/json"} Native Response Payload: H4sIAAAAAAAAAKvm5VJQUErOT0lVUrBSUHINdtIzMTDQM1DSAUukpBYnF2UWlGTm54HlnfLzszPz0hU8UxRSKzKLS4r1FAJyUhOLUxVKgThRISUzLS21KDWvRCE/L1VPiZerFgBdxdBmYQAAAA== Native HTTP Method: POST Native URL: http://localhost:5000/ticketsBookingMgmt/bookingDetMgmt/v1/booking?booking1=10&booking2=20 External Calls: [{"externalCallType":"NATIVE_SERVICE_CALL","externalURL":"http://localhost:5000/ticketsBookingMgmt/bookingDetMgmt/v1/booking?booking1=10&booking2=20","callStartTime":1647098130403,"callEndTime":1647098131492,"callDuration":1089,"responseCode":"400"}] Source Gateway Node: 192.168.100.12 Server ID: {31}

Is there a grok filter available to break down the logline into the respective fields occurring in the above logline?
I want to apply the filter before the logs are forwarded into Elasticsearch.
Thanks.

Hi Farhan,
Grok filter is not supported in API Gateway.

Regards.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.