API Gateway Analytics

The analytics dashboards display a variety of charts to provide an overview of API Gateway performance and its API usage. The data for these dashboards come from the API Gateway destination store.

Analytics Dashboards

In API Gateway there are two types of dashboards. Each of these dashboards has various filters that can be applied as per the required metrics to be monitored.

The dashboard displays depend on the events and metrics generated in API Gateway and their types. An event is a kind of notification or alert generated by the API Gateway Metrics and Event Notification module. Various types of event are generated based on the behavior of the transactions in the system. Events generated by API Gateway are real time events made persistent in the store and sent to configured destinations.

These are the types of events generated in API Gateway:

Note: Internalization is not supported in API Gateway dashboards.

API Gateway Dashboard

You can view the API Gateway dashboard by expanding the menu options icon icon, in the title bar, and selecting Analytics. The dashboard displays the API Gateway-wide analytics based on the metrics monitored.

The dashboard displays the API Gateway-wide analytics based on the metrics monitored. Click icon > Analytics to access API Gateway-wide analytics.

To filter the API Gateway-wide analytics, select the time interval using the options:

When you log in and view the analytics, the last used time interval is saved for each dashboard. When you view the dashboard again, the last used time interval for that dashboard is applied. The last used time interval is valid for the current session only. You can click on the specific event in the list under Legend to view the specific event in any of the widgets. You can view additional details for an event by hovering the cursor over a particular color in the graphical representations.

In the Applications dashboard, you can filter the data using the filter for Applications in the specified time interval. The Applications drop-down list displays all the applications. When you select an application, its data is displayed. By default, the data displayed is for all the applications.

In the Packages dashboard, you can filter the data using the filter for Packages in the specified time interval. The Packages drop-down list displays all the packages. When you select a package, its data are displayed. By default, the data displayed is for all the packages.

In the Audit logs dashboard, you can filter the data using the filter for Audit logs in the specified time interval. It displays the data of all the auditable events.

In the Cache statistics dashboard, you can filter the cache statistics data depending on the Node name and Application type specified in the specified time interval.

In the Application logs dashboard, you can filter the application logs depending on the node, origin of log and so on in the specified time interval. Click Download to download the aggregated logs, the logs collected from different sources such as API Gateway server logs, API Gateway UI logs, Internal Data Store logs, dashboard logs and platform logs. The downloaded logs would contain the logs filtered as per the time interval filter applied.

In the API usage details dashboard, you can filter the data using the filter for the API invocations in the specified time interval (in years). By default, the data displayed is for all the API invocations. This dashboard is visible only when API Gateway uses a transaction-based licensing model when each API invocation is considered as a transaction and API Gateway keeps a track of these transactions.

Note: The threat protection analytics information is visible only if you select the Alert destination as flow service in the Policies > Threat protection > Alert settings section.

Category Metric Description
Summary Overall events Displays a pie chart that lists different events being monitored and each of these event categories is depicted with different colors.
Application activity Displays the application activity in API Gateway during the specified time.
Runtime events Displays the run time event details such as time when the event was generated, API Name, the application that generated the event, event type, description of the alert generated due to the event, status, and the source of event.
Payload size Displays the payload size of the request and responses during data transfer in the specified time.

This data is picked up from the transactional event that is triggered when a log invocation policy is applied to the API.

Package performance Displays a pie chart depicting package performance during the specified time. The different colours in the pie chart depict different packages this API belongs to.
Trends Events over time Displays the trending of events generated by the APIs across API Gateway over time.
API trend by success Displays the trending of APIs based on their success rate in the performance metrics.
API trend by failure Displays the trending of APIs based on their failure rate in the performance metrics.
Overall error trends Displays a graph depicting the performance of all the APIs in the system based on the error event generated. Each of these event categories is depicted with different colors.
Applications Events per application Displays a pie chart that depicts the activity of events per application being monitored and each of these categories is depicted with different colors.
Violations per application Displays the number of violations per application based on the events generated such as monitoring, SLA violation, and policy violations.
Activity rate of consumed packages This bar chart displays the package that the selected application has consumed (when an application is chosen in the filter).

Hover the cursor over the bar chart to see the number of invocations to the package using the specified application.

Activity rate for consumed APIs Displays the activity rate for all the APIs that are consumed by the application during the specified time.
Runtime events Displays the run time event details such as API Name, event type, date when the event was created, the agent on which the event was generated, description of the alert generated due to the event, the source of event, and the application that generated the event.
Packages Package invocations Displays the number of package invocations during the specified time.
Trending subscription for package Displays the trending subscriptions for the package based on the number of invocations.

The different colours in the donut pie chart depict the trending behavior of the different applications in the package.

Trending APIs in the package Displays the number of invocations for an API for an application for the selected package over the specified time interval.
Threat protection Threat protection filters Displays the graphical representation of the events based on the filter violations during the specified time.
Threat protection rules Displays the graphical representation of the events based on the rule violations during the specified time.
Threat protection events Displays the threat protection event details such as Time, filter name, rule name, resource path, server host, and request time.
Audit logs Time Displays the time the event occurred.
User Displays the name of the user who caused the event.
Status Displays the current status of the transaction. The available values are:
  • SUCCESS
  • FAILURE
Source machine Displays the host name of the machine on which the event occurred.
Object type Displays the type of API Gateway object on which the event occurred. The available values are:
  • ACCESS_PROFILE_MANAGEMENT
  • ALIAS_MANAGEMENT
  • ANALYTICS_MANAGEMENT
  • API_MANAGEMENT
  • APPLICATION_MANAGEMENT
  • APPROVALS_MANAGEMENT
  • GROUPS_MANAGEMENT
  • PACKAGE_MANAGEMENT
  • PLAN_MANAGEMENT
  • PROMOTION_MANAGEMENT
  • POLICY_MANAGEMENT
  • USER_MANAGEMENT
Object Displays the UUID that uniquely identifies the object in the database.
Message Displays the success message or error message as a result of the event.
Client IP address Displays the IP address of the machine on which the event occurred.
Action Displays the type of action for the event. The available values are:
  • LOGIN
  • LOGOUT
  • CREATE
  • UPDATE
  • DELETE
  • ACTIVATE
  • DEACTIVATE
Payload Displays the content of data payload for the event.
API usage details - Dashboard API Gateway invocation usage This bar chart displays the trending of API invocations across API Gateway.

Hover the cursor over the bar chart to see the number of API invocations for the current month.

API Gateway invocation usage details Displays the details of the number of API invocations for each month.
API usage details Displays the API invocation details for each API such as API Name, API usage for each month and year.
API usage details - Report API usage detail report Displays the transaction count of API usages across stages.
Stage wise count Displays the stage-wise count of API usages.
Custom dashboards Create your own visualizations and compile the visualizations as custom dashboards.

To create custom dashboards, see Creating custom dashboards.

You can export and import the assets (visualizations and dashboards) from external Kibana to API Gateway custom dashboard, and API Gateway custom dashboard to external Kibana. The export and import are possible between API Gateway instances running on the same tenant. API Gateway does not support importing the assets across different tenants.

Note:You can import the assets created in Kibana 7.7.1 in to API Gateway.

Viewing API Usage Report

You can view the common metering dashboard by expanding the menu options icon icon, in the title bar, and selecting the Analytics > API usage details > Report. The dashboard displays the API usage metrics across all stages and also for specific stage. You can also view and download the API usage report.

By default, the current billing cycle’s API usage metrics are populated in the All stages and Stage wise count boxes. You can click the respective boxes and click Apply filter to filter the analytics based on the time interval chosen. You can select the time interval from the drop-down options. If you select custom, you can type the From date and To date to specify the time interval for which you want to view the API-specific analytics. You can also view and download the API usage report based on the applied filter.

You must have the manage user administration functional privilege to view and download the API usage details. You can view the API usage that is stage-specific or across stages.

The API usage report shows the transaction usage across all stages. When you click on API usage details > Report, it loads the transaction usage across all stages and also stage-specific transaction usages for the current month. You can then view API transaction usage report for all or single stage and also download these as PDF or CSV reports.

To view an API usage report

  1. Expand the menu options icon icon, in the title bar, and select Analytics.

  2. Click API usage details > Report.

  3. You can view the API detail report for transaction counts for APIs across stages as follows:

    a. Click All stages.

    b. Select the time interval from the drop-down options, and click Apply filter to filter the analytics based on the time interval chosen.

    If you select Custom, you can type the From Month and To Month to specify the time interval in which you want to view the API usage analytics across stages.

  4. You can view the API detail report for transaction counts for APIs in a single stage as follows:

    a. Expand Stage wise count.

    b. Click the stage for which you want to view the API usage report.

    c. Select the time interval from the drop-down options, and click Apply filter to filter the analytics based on the time interval chosen.

    If you select Custom, you can type the From Month and To Month to specify the time interval in which you want to to view the API usage analytics for the selected stage.

Downloading API Usage Report

You must have the manage user administration functional privilege to view and download the API usage details. You can view the API usage that is stage-specific or across stages.

To download an API usage report

  1. Expand the menu options icon icon, in the title bar, and select Analytics.

  2. Click API usage details > Report.

  3. You can download the API detail report for transaction counts for APIs in All stages as follows:

    a. Click All stages.

    b. Select the time interval from the drop-down options, and click Apply filter to filter the analytics based on the time interval chosen.

    If you select Custom, you can type the From Month and To Month to specify the time interval in which you want to view the API usage analytics across stages.

    c. To download a report:

    • Click Download as PDF report to download the report in the PDF format. The PDF report has the details such as API name, version and the API usage per month globally across stages.

    • Click Download CSV report to download the report in the CSV format. The CSV report has the details such as API name, version and the API usage per month globally across stages.

    • Click Download detailed CSV report to download the date-wise API usage report in the CSV format. The CSV report has the details such as API name, version and the API usage per day for the selected period across stages.

  4. You can download the API detail report for transaction counts for APIs in a single stage as follows:

    a. Expand Stage wise count.

    b. Click the stage for which you want to view the API usage report.

    c. Select the time interval from the drop-down options, and click Apply filter to filter the analytics based on the time interval chosen.

    If you select Custom, you can type the From Month and To Month to specify the time interval in which you want to view the API usage analytics for the selected stage.

    d. To download a report:

    • Click Download as PDF report to download the report in the PDF format. The PDF report has the details such as API name, version and the API usage per month in the selected stage.

    • Click Download CSV report to download the report in the CSV format. The CSV report has the details such as API name, version and the API usage per month in the selected stage.

    • Click Download detailed CSV report to download the date-wise API usage report in the CSV format. The CSV report has the details such as API name, version and the API usage per day for the selected period in the selected stage.

API-specific Dashboard

You can view the API-specific dashboard by navigating to the API details page and clicking the Analytics icon for the specific API. The dashboard displays the following analytics based on the metrics monitored.

To filter the API-specific analytics, select the time interval using the options:

When you log in and view the analytics, the last used time interval is saved for each dashboard. When you view the dashboard again, the last used time interval for that dashboard is applied. The last used time interval is valid for the current session only.

For the specified time interval you can also filter based on an API. The API drop-down list displays all the APIs. On selecting an API, the data displayed is for the selected API.

You can click on the specific event in the list under Legend to view the specific event in any of the widgets. You can view additional details for an event by hovering the cursor over a particular color in the graphical representations.

Metric Description
Events over time Displays the trending of events generated by the selected API over time.
API invocations Displays the number of time the API was invoked during the specified time.
API invocations -Status wise Displays the number of successful API invocations and failed API invocations during the specified time.
API invocations - Status wise API invocations is the sum of successful API invocations and failed API invocations
API invocation pattern Displays API invocation over period of time during the specified time interval in the form of a line graph.
Gateway vs Provider time Displays the comparison between gatewayTime performance and providerTime performance.
Native service performance Displays information on how fast the native service responds to the request received in the specified time based on the data in the transactional event.
Response code trend Displays the trend based on the response codes received from various events for the API during the specified time.
API trend by response Displays the trending of the selected API based on the response time from the performance metrics for that API.
Success vs Failure Displays the trending of API based on its success rate as compared to its failure rate in the performance metrics for the specified time.
Runtime events Displays the run time event details for the selected API. Displays information on the event type, date when the event was created, the agent on which the event was generated, description of the alert generated, the source of event, and the application that generated the event.
Service result cache Displays a bar graph showing the number of responses served from cache and the number of responses fetched from the native service at the operation level for the selected API during the specified time.
The Service result cache metric graphical representation is not supported for GraphQL API.
Method level invocations Displays the method level invocations per operation for the API during the specified time.
You can hover the cursor over the stacked bar chart to view the various methods invoked per operation or resource and also the operations or resources for the selected API during the specified time.
The Service result cache metric graphical representation is not supported for GraphQL API.

Creating custom dashboards

Pre-requisites:

You must have the API Gateway’s manage custom dashboards functional privilege assigned to manage the custom dashboards in Global analytics.

The Custom dashboards has two options:

Note:
Software AG recommends that you do not modify any default visualizations. If you modify any default visualizations, an upgrade or restart of API Gateway server overwrites the modifications.
Improper visualizations or long running queries in the visualizations can impact the performance of the Elasticsearch.

You can create custom dashboards for both API Gateway-wide analytics and API-specific analytics from the icon > Analytics page. You can create the visualizations and dashboards in the Kibana interface, and the dashboards are rendered in API Gateway user interface,

To create custom dashboards

  1. Click icon > Analytics.

  2. Click Custom dashboards > Build.

  3. Build custom dashboard. For instructions, see Kibana documentation.

    For API-specific custom dashboard, type apiId:”” in the search box and then save the dashboard. This filter creates a custom dashboard specific to API-specific analytics.

    To view the custom dashboard for API Gateway-wide analytics, click View and select the dashboard from the drop-down list.

    To view the custom dashboard for API-specific analytics, click APIs > API name > Analytics. Select the custom dashboard from the drop-down list.

Runtime Events and Metrics Data Model

API Gateway generates runtime events and Key Performance Indicator (KPI) metrics for the currently active APIs. The types of runtime events that API Gateway can generate are:

Events Description
Lifecycle A Lifecycle event is generated each time the API Gateway instance is started or shut down.
Error An Error event is generated each time an invocation of API results in an error.
Policy Violation A Policy Violation event is generated each time an invocation of API violates a policy that was configured for the API.
Transaction A Transaction event is generated each time an API is invoked (successfully or unsuccessfully).
Monitor A Monitor event is generated when a configured SLA parameter, such as the average response time, fault count, availability, and so on, is breached for the API.

KPI metrics are used to monitor the run-time execution of APIs. Metrics include the maximum response time, average response time, fault count, availability of APIs, and so on. If you include runtime monitoring policies, the policies will monitor the KPI metrics for APIs, and can send alerts to various destinations when user-specified performance conditions for an API are violated. The KPI metrics that API Gateway can generate are:

Metric Reports on…
Availability The percentage of time that an API was available during the current interval. A value of 100 indicates that the API was always available. Only the time when the API is unavailable counts against this metric. If invocations fail due to policy violations, this parameter could still be as high as 100.
Average Response Time The average amount of time it took the API to complete all invocations in the current interval. This is measured from the moment API Gateway receives the request until the moment it returns the response to the client.
Fault Count The number of failed invocations in the current interval.
Maximum Response Time The maximum amount of time it took the API to complete an invocation in the current interval.
Minimum Response Time The minimum amount of time it took the API to complete an invocation in the current interval.
Successful Request Count The number of successful API invocations in the current interval.
Total Request Count The total number of requests for each API running in API Gateway in the current interval.

You can configure API Gateway to publish the runtime events and metrics data to different destinations. The following sections describe the runtime events and metrics data model for each of these destinations:

API Gateway

The runtime events and metrics payload is generated by API Gateway at run-time. The columns that make up the events and metrics data model for API Gateway are listed below:

Transactional Events

Column Description
apiId The unique identifier for the API.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b1
apiName Name of the API in which the event occurred.
Example: SampleAPI1
apiVersion The system-assigned version identifier for the API.
Example: 1.0
applicationIp IP address of the application associated with the API invocation.
Example:10.20.248.33
applicationId The unique identifier for the application associated with the API invocation.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
applicationName Name of the application associated with the API invocation.
An application name is populated as unknown when API Gateway is unable to identify the application using a security policy that is configured for the API.
Example: SampleApplication
cachedResponse Indicates whether the response is sent to the client from the cached data present in API Gateway through the Service result caching policy or the response is received from Native service and sent to client.
Possible values are: Cached, Not-Cached
callbackRequest Indicates whether the event is generated for a callback request.
Possible values are:
  • true. This denotes that the event is generated for a callback request.
  • false. This denotes that the event is generated for a normal response.
correlationID The unique identifier that is automatically generated for every request coming to API Gateway and can be used to query the log.
Example: MED38e9cfa4-2348-408b-9462-124b2181c1a6:656
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
customFields The custom fields an API Provider can provide to log a new field and value for a transaction event.
Example: {“customfield”:“customvalue”}
eventSource The source where the event occurred.
Example: API_Gateway_Instance
errorOrigin The origin of error.
Example: Nativeservice
eventType The type of event that occurred.
Example: Transactional
externalCalls List the external calls from API Gateway. These external calls can be to a native service or service registry.
Example: [{"externalCallType":"SERVICE_REGISTRY_CALL","externalURL":"http://service.registry.com","callDuration":49,"callStartTime":1562244570486,"callEndTime":1562244570535,"responseCode": "200"},{"externalCallType":"NATIVE_SERVICE_CALL","externalURL":"https://petstore.swagger.io/v2/store/inventory","callDuration":1285,"callStartTime":1562244569252,"callEndTime":1562244570537,"responseCode":"200"}]
gatewayTime Duration in milliseconds, to process a request by API Gateway. This does not include native service processing duration.
gatewayTime = totalTime - providerTime
Example: 20
httpMethod The HTTP method used to invoke the API.
Example: GET
messagePayload This is applicable only for WebSocket APIs. The message payload for a particular API invocation.
Example: Sample WebSocket message
operationName Name of the API operation that is invoked.
Example: Using a Calculator API, you can perform various operations such as addition, subtraction, multiplication, and division. When an addition operation is invoked in API Gateway, then the operation field name is populated as addInts.
pacakgeId The unique identifier for the API package.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
packageName Name of the API package.
Example: Travel Package
planId The unique identifier for the API plan.
Example: d0f84954-9732-11e5-b9f4-f159eafe47b2
planName Name of the API plan.
Example: Gold Plan
providerTime Time in milliseconds required for API Gateway to invoke a native provider and receive a response. This time includes the overhead incurred by API Gateway. Overhead includes the time it takes for a provider to process a request and return a response, plus any network latency to or from the provider. Subtracting total time from provider time must give a rough indicator of the API Gateway overhead.
Example: 20
queryParameters This is applicable only for REST APIs. Query parameters present in the incoming REST request.
Example: {“status”:“available”}
request The API request payload data.
Example: <RequestPayload>
requestHeaders Request header in the incoming request from the client.
Example: {"Cache-Control":"max-age=0","Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8","Upgrade-Insecure-Requests":"1","Connection":"keep-alive","User-Agent":"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36","Host":"mcdaso02:5555","Accept-Encoding":"gzip, deflate","Accept-Language":"en-US,en;q=0.9,ta;q=0.8","Content-Type":"application/x-www-form-urlencoded"}
response The API request response data.
Example: <ResponsePayload>
responseCode The HTTP response status code that indicates success or failure of the requested operation.
Example: 200
responseHeaders Response header in the outgoing response.
Example: {"Server":"Jetty(9.2.9.v20150224)","Access-Control-Allow-Origin":"*","Access-Control-Allow-Methods":"GET, POST, DELETE, PUT","Connection":"close","Date":"Fri, 30 Mar 2018 08:25:45 GMT","Access-Control-Allow-Headers":"Content-Type, api_key, Authorization","Content-Type":"application/xml"}
nativeHttpMethod The HTTP method used to invoke the native service.
Example: GET.
nativeRequestHeaders Request header in the incoming request from the API Gateway to native service.
Example: {"Authorization":"**************","Accept": "*/*","Authorization": "**************", "Accept":"*/*","Cache-Control": "no-cache","User-Agent": "PostmanRuntime/7.13.0","Postman-Token":"381424fa-e3b3-4058-8df9-4abf9d72c899", "postmanHeader": "hello","accept-encoding": "gzip, deflate", "Content-Type": "application/x-www-form-urlencoded"}
nativeReqPayload The native service request data.
Example: {"param1" : "value1", "param2" : 10}
nativeResponseHeaders Response header in the outgoing response from the native service to API Gateway.
Example: {"Server":"Jetty(9.2.9.v20150224)","Access-Control-Allow-Origin":"*","Access-Control-Allow-Methods": "GET, POST, DELETE,PUT","Connection":"close","Date": "Fri, 07 Jun 2019 12:44:13 GMT","Access-Control-Allow-Headers": "Content-Type,api_key, Authorization","Content-Type": "application/json"}
nativeResPayload The native service response data.
Example: {"id":2,"category":{ "id":2, "name":"string"},"name":"pysen","photoUrls":["string"],"tags":[{"id":0, name":"string"}],"status":"available"}
nativeURL URL of the native service.
Example: http://petstore.swagger.io/v2/pet/2
sessionId A string the API Gateway server generates to uniquely identify each session. This is either the IS session token or the automatically generated GUID if the token is missing from the message context.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
sourceGateway Source of event generation.
Possible values: APIGateway or Microgateway.
sourceGatewayDetails Details of events generated only from Microgateway. The details include Microgateway Id, Source Gateway Host, Source Gateway Port, Source Gateway Version, Microgateway pool.**
sourceGatewayNode Source API Gateway’s IP address.
Example: 10.0.75.1
status Status of the API request.
Possible values are: SUCCESS, FAILURE
totalDataSize The total combined size of request and response payloads in bytes.
Example: 100
totalTime Time in milliseconds required to invoke the API provider. This time includes the overhead incurred by API Gateway. Overhead includes security overhead for encryption, decryption, and load-balance retries.
Example: 120

Error Events

Column Description
apiId The unique identifier for the API.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b1
apiName Name of the API in which the event occurred.
Example: SampleAPI
apiVersion The system-assigned version identifier for the API.
Example: 1.0
applicationId The unique identifier for the application associated with the API invocation.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
applicationIp IP address of the application associated with the API invocation.
Example: 10.20.248.33
applicationName Name of the application associated with the API invocation. An application name is populated as unknown when API Gateway is unable to identify the application using a security policy that is configured for the API.
Example: SampleApplication
correlationID The unique identifier that is automatically generated for every request coming to API Gateway and can be used to query the log.
Example: MED38e9cfa4-2348-408b-9462-124b2181c1a6:656
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
errorDesc Message that describes the error that occurred.
Example: Invocation for SampleAPI was rejected based on policy violation, response code: 503
eventSource The source where the event occurred.
Example: API_Gateway_Instance
eventType The type of event that occurred.
Example: Error Event
httpMethod The HTTP method used to invoke the API.
Example: GET
operationName Name of the API operation that is invoked.
Example: Using a Calculator API, you can perform various operations such as addition, subtraction, multiplication, and division. When an addition operation is invoked in API Gateway, then the operation field name is populated as addInts.
responseCode The HTTP response status code that indicates success or failure of the requested operation.
Example: 200
sessionId A string the API Gateway server generates to uniquely identify each session. This is either the IS session token or the automatically generated GUID if the token is missing from the message context.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
sourceGateway Source of event generation.
Possible values: APIGateway or Microgateway.
sourceGatewayDetails Details of events generated only from Microgateway. The details include Microgateway Id, Source Gateway Host, Source Gateway Port, Source Gateway Version, Microgateway pool.**
sourceGatewayNode Source API Gateway’s IP address.
Example: 10.0.75.1

Monitoring Events

Column Description
alertDesc Text of the alert message sent to a configured destination when the performance conditions are violated. The alert message is specified in the policy definition of an API.
Example: EnforcePolicy-HardLimit
alertType The type of alert generated for the event.
Possible values are: Monitor, sla
apiId The unique identifier for the API.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b1
apiName Name of the API in which the event occurred.
Example: SampleAPI
apiVersion The system-assigned version identifier for the API.
Example: 1.0
applicationId The unique identifier for the application associated with the API invocation.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
applicationIp IP address of the application associated with the API invocation.
Example: 10.20.248.33
applicationName Name of the application associated with the API invocation. An application name is populated as unknown when API Gateway is unable to identify the application using a security policy that is configured for the API.
Example: SampleApplication
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
eventSource The source where the event occurred.
Example: API_Gateway_Instance
eventType The type of event that occurred.
Example: Monitor Event
httpMethod The HTTP method used to invoke the API.
Example: GET
operationName Name of the API operation that is invoked.
Example: Using a Calculator API, you can perform various operations such as addition, subtraction, multiplication, and division. When an addition operation is invoked in API Gateway, then the operation field name is populated as addInts.
responseCode The HTTP response status code that indicates success or failure of the requested operation.
Example: 200
sessionId A string the API Gateway server generates to uniquely identify each session. This is either the IS session token or the automatically generated GUID if the token is missing from the message context.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
sourceGateway Source of event generation.
Possible values: APIGateway or Microgateway.
sourceGatewayDetails Details of events generated only from Microgateway. The details include Microgateway Id, Source Gateway Host, Source Gateway Port, Source Gateway Version, Microgateway pool.**

Lifecycle Events

Column Description
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
eventType The type of event that occurred.
Example: LifeCycle
gatewayStatus Status of the API Gateway instance.
Possible values are: STARTED or STOPPED
sourceGatewayDetails Details of events generated only from Microgateway. The details include Microgateway Id, Source Gateway Host, Source Gateway Port, Source Gateway Version, Microgateway pool.**

Policy Violation Events

Column Description
alertDesc Text of the alert message sent to a configured destination when the performance conditions are violated. The alert message is specified in the policy definition of an API.
Example: A violation was detected for policy (Unknown-Policyuser ): application could not be identified. Anonymous access is not allowed for this service!
alertSource Name of the API Gateway policy that generated the alert message.
Example: Unknown-Policy
alertType The type of alert generated for the event.
Example: PolicyViolation
apiId The unique identifier for the API.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b1
apiName Name of the API in which the event occurred.
Example: SampleAPI
apiVersion The system-assigned version identifier for the API.
Example: 1.0
applicationId The unique identifier for the application associated with the API invocation.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
applicationIp IP address of the application associated with the API invocation.
Example: 10.20.248.33
applicationName Name of the application associated with the API invocation. An application name is populated as unknown when API Gateway is unable to identify the application using a security policy that is configured for the API.
Example: SampleApplication
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
eventSource The source where the event occurred.
Example: API_Gateway_Instance
eventType The type of event that occurred.
Example: Policy Violation Event
httpMethod The HTTP method used to request the API access.
Example: GET
operationName Name of the API operation that is invoked.
Example: Using a Calculator API, you can perform various operations such as addition, subtraction, multiplication, and division. When an addition operation is invoked in API Gateway, then the operation field name is populated as addInts.
responseCode The HTTP response status code that indicates success or failure of the requested operation.
Example: 200
sessionId A string the API Gateway server generates to uniquely identify each session. This is either the IS session token or the automatically generated GUID if the token is missing from the message context.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
sourceGateway Source of event generation.
Possible values: APIGateway or Microgateway.
sourceGatewayDetails Details of events generated only from Microgateway. The details include Microgateway Id, Source Gateway Host, Source Gateway Port, Source Gateway Version, Microgateway pool.**
sourceGatewayNode Source API Gateway’s IP address.
Example: 10.0.75.1

Performance Metrics

Column Description
apiId The unique identifier for the API.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b1
apiName Name of the API in which the event occurred.
Example: SampleAPI
apiVersion The system-assigned version identifier for the API.
Example: 1.0
availability The percentage of time that an API was available during the current interval. A value of 100 indicates that the API was always available. If invocations fail due to policy violations, this parameter could still be as high as 100.
Example: 100
avgResponseTime The average amount of time it took the API to complete each invocation in the current interval. Response time is measured from the moment API Gateway receives the request until the moment it returns the response to the caller.
Example: 135
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
eventType The type of event that occurred.
Example: Performance Metrics Event
faultCount The number of failed API invocations in the current interval.
Example: 10
includeFaults Includes failed API invocations.
Possible values are: true, false
intervalStart The starting date and time from which you want to examine metrics.
Example: 1526294632172
intervalStop The ending date and time until which you want to examine metrics.
Example: 1526294632182
maxResponseTime The maximum amount of time (in milliseconds) it took for the API to complete an invocation in the current interval.
Example: 343
minResponseTime The minimum amount of time (in milliseconds) it took for the API to complete an invocation in the current interval.
Example: 10
operationName Name of the API operation that is invoked.
Example: Using a Calculator API, you can perform various operations such as addition, subtraction, multiplication, and division. When an addition operation is invoked in API Gateway, then the operation field name is populated as addInts.
successCount The number of successful API invocations in the current interval.
Example: 100
totalCount The total number of API invocations (successful and unsuccessful) in the current interval.
Example: 110

Threat Protection Events

Column Description
alertAction A helpful action taken on the API for the alert.
Example: DENY
filterName Name of the threat protection filter.
Example: DoSFilter
message If the API invocation failed, message that describes the error that occurred.
Example: Global Denial of Service limits were reached: Maximum requests limit of 2 in 120 seconds has been exceeded.
requestHost Hostname of the machine from which the API access request was submitted.
Example: 10.60.34.152
requestTime Date and time the request was submitted.
Example: 1501671101509
requestType The type of request that was received for the API.
Example: ALL
requestUser Name of the user on API Gateway from whom the request is received.
Example: null
resourcePath The relative URI path of a resource that was used for API invocation.
Example: invoke/pub.date/getCurrentDate
responseCode The HTTP response status code that indicates success or failure of the requested operation.
Example: 200
ruleName The API Gateway rule that triggered the event.
Example: GlobalDoSRule
serverHost The name or IP address of the machine on which the thread protection server is running.
Example: 10.60.34.83
serverPort The port number on which the thread protection server is configured to listen for incoming requests.
Example: 8911
sourceGateway Source of event generation.
Possible values: APIGateway or Microgateway.
sourceGatewayDetails Details of events generated only from Microgateway. The details include Microgateway Id, Source Gateway Host, Source Gateway Port, Source Gateway Version, Microgateway pool.**

API Portal

The runtime events and metrics payload generated by API Gateway at run-time is published to the configured API Portal destination. The columns that make up the events and metrics data model for API Portal are listed below:

Transactional Events

Column Description
apiId The unique identifier for the API.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b1
apiName Name of the API in which the event occurred.
<Example: SampleAPI
apiVersion The system-assigned version identifier for the API.
Example: 1.0
consumerId The unique identifier for the consumer associated with the API invocation.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
consumerIp IP address of the consumer associated with the API invocation.
Example: 10.1.1.211
consumerName Name of the consumer associated with the API invocation. A consumer name is populated as unknown when API Gateway is unable to identify the consumer using a security policy that is configured for the API.
Example: SampleApplication
correlationID The unique identifier that is automatically generated for every request coming to API Gateway and can be used to query the log.
Example: MED38e9cfa4-2348-408b-9462-124b2181c1a6:656
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
customFields The custom fields an API Provider can provide to log a new field and value for a transaction event.
Example: {“customfield”:“customvalue”}
errorOrigin The origin of error.
Example: Nativeserivce
eventType The type of event that occurred.
Example: Transactional
externalCalls List the external calls from API Gateway. These external calls can be to a native service or service registry.
Example: [{"externalCallType":"SERVICE_REGISTRY_CALL","externalURL":"http://service.registry.com","callDuration":49,"callStartTime":1562244570486,"callEndTime":1562244570535,"responseCode": "200"},{"externalCallType":"NATIVE_SERVICE_CALL","externalURL":"https://petstore.swagger.io/v2/store/inventory","callDuration":1285,"callStartTime":1562244569252,"callEndTime":1562244570537,"responseCode":" These external calls can be to a native service or service registry. <br>Example:[{“externalCallType”:“SERVICE_REGISTRY_CALL”,“externalURL”:“http://service.registry.com","callDuration":49,"callStartTime":1562244570486,"callEndTime":1562244570535,"responseCode": “200”},{“externalCallType”:“NATIVE_SERVICE_CALL”,“externalURL”:“https://petstore.swagger.io/v2/store/inventory","callDuration":1285,"callStartTime":1562244569252,"callEndTime":1562244570537,"responseCode":"200"}]`
messagePayload This is applicable only for WebSocket APIs. The message payload for a particular API invocation.
Example: Sample WebSocket message
operationName Name of the API operation that is invoked. Example: Using a Calculator API, you can perform various operations such as addition, subtraction, multiplication, and division. When an addition operation is invoked in API Gateway, then the operation field name is populated as addInts.
providerTime Time in milliseconds required for API Gateway to invoke a native provider and receive a response. This time includes the overhead incurred by API Gateway. Overhead includes the time it takes for a provider to process a request and return a response, plus any network latency to or from the provider. Subtracting total time from provider time must give a rough indicator of the API Gateway overhead.
Example: 20
queryParameters This is applicable only for REST APIs. Query parameters present in the incoming REST request.
Example: {“status”:“available”}
request The API request payload data.
Example: <RequestPayload>
requestHeaders Request header in the incoming request from the client.
Example: {"Cache-Control":"max-age=0","Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8","Upgrade-Insecure-Requests":"1","Connection":"keep-alive","User-Agent":"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36","Host":"mcdaso02:5555","Accept-Encoding":"gzip, deflate","Accept-Language":"en-US,en;q=0.9,ta;q=0.8","Content-Type":"application/x-www-form-urlencoded"}
response The API response payload data.
Example: <ResponsePayload>
responseCode The HTTP response status code that indicates success or failure of the requested operation.
Example: 200
responseHeaders Response header in the outgoing response.
Example: {"Server":"Jetty(9.2.9.v20150224)","Access-Control-Allow-Origin":"*","Access-Control-Allow-Methods":"GET, POST, DELETE, PUT","Connection":"close","Date":"Fri, 30 Mar 2018 08:25:45 GMT","Access-Control-Allow-Headers":"Content-Type, api_key, Authorization","Content-Type":"application/xml"}
nativeHttpMethod The HTTP method used to invoke the native service.
Example: GET.
nativeRequestHeaders Request header in the incoming request from the API Gateway to native service.
Example: {"Authorization":"**************","Accept": "*/*","Authorization": "**************", "Accept":"*/*","Cache-Control": "no-cache","User-Agent": "PostmanRuntime/7.13.0","Postman-Token":"381424fa-e3b3-4058-8df9-4abf9d72c899", "postmanHeader": "hello","accept-encoding": "gzip, deflate", "Content-Type": "application/x-www-form-urlencoded"}
nativeReqPayload The native service request data.
Example: {"param1" : "value1", "param2" : 10}
nativeResponseHeaders Response header in the outgoing response from the native service to API Gateway.
Example: {"Server":"Jetty(9.2.9.v20150224)","Access-Control-Allow-Origin":"*","Access-Control-Allow-Methods": "GET, POST, DELETE,PUT","Connection":"close","Date": "Fri, 07 Jun 2019 12:44:13 GMT","Access-Control-Allow-Headers": "Content-Type,api_key, Authorization","Content-Type": "application/json"}
nativeResPayload The native service response data.
Example: {"id":2,"category":{ "id":2, "name":"string"},"name":"pysen","photoUrls":["string"],"tags":[{"id":0, name":"string"}],"status":"available"}
nativeURL URL of the native service.
Example: http://petstore.swagger.io/v2/pet/2
sessionId A string the API Gateway server generates to uniquely identify each session. This is either the IS session token or the automatically generated GUID if the token is missing from the message context.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
sourceGatewayNode Source API Gateway’s IP address.
Example: 10.0.75.1
status Status of the API request.
Possible values are: SUCCESS, FAILURE
totalDataSize The total combined size of request and response payloads in bytes.
Example: 100
totalTime Time in milliseconds required to invoke the API provider. This time includes the overhead incurred by API Gateway. Overhead includes security overhead for encryption, decryption, and load-balance retries.
Example: 120

Error Events

Column Description
apiId The unique identifier for the API.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b1
apiName Name of the API in which the event occurred.
Example: SampleAPI
apiVersion The system-assigned version identifier for the API.
Example: 1.0
consumerId The unique identifier for the consumer associated with the API invocation.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
consumerIp IP address of the consumer associated with the API invocation.
Example: 10.20.248.33
consumerName Name of the consumer associated with the API invocation. A consumer name is populated as unknown when API Gateway is unable to identify the consumer using a security policy that is configured for the API.
Example: SampleApplication
correlationID The unique identifier that is automatically generated for every request coming to API Gateway and can be used to query the log.
Example: MED38e9cfa4-2348-408b-9462-124b2181c1a6:656
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
errorDesc Message that describes the error that occurred. Service invocation for SampleAPI was rejected based on policy violation, response code: 503
eventType The type of event that occurred.
Example: Error Event
operationName Name of the API operation that is invoked.
Example: Using a Calculator API, you can perform various operations such as addition, subtraction, multiplication, and division. When an addition operation is invoked in API Gateway, then the operation field name is populated as addInts.
responseCode The HTTP response status code that indicates success or failure of the requested operation.
Example: 503
sessionId A string the API Gateway server generates to uniquely identify each session. This is either the IS session token or the automatically generated GUID if the token is missing from the message context.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2

Monitoring Events

Column Description
alertDesc Text of the alert message sent to a configured destination when the performance conditions are violated. The alert message is specified in the policy definition of an API.
Example: EnforcePolicy-HardLimit
alertType The type of alert generated for the event.
Example: sla
apiId The unique identifier for the API.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b1
apiName Name of the API in which the event occurred.
Example: SampleAPI
apiVersion The system-assigned version identifier for the API.
Example: 1.0
consumerId The unique identifier for the consumer associated with the API invocation.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
consumerIp IP address of the consumer associated with the API invocation.
Example: 10.20.248.33
consumerName Name of the consumer associated with the API invocation. A consumer name is populated as unknown when API Gateway is unable to identify the consumer using a security policy that is configured for the API.
Example: SampleApplication
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
eventType The type of event that occurred.
Example: Monitor Event
httpMethod The HTTP method used to request the API access.
Example: GET
operationName Name of the API operation that is invoked.
Example: Using a Calculator API, you can perform various operations such as addition, subtraction, multiplication, and division. When an addition operation is invoked in API Gateway, then the operation field name is populated as addInts.
responseCode The HTTP response status code that indicates success or failure of the requested operation. Example: 200
sessionId A string the API Gateway server generates to uniquely identify each session. This is either the IS session token or the automatically generated GUID if the token is missing from the message context.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2

Lifecycle Events

Column Description
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
eventStatus Status of the API Gateway instance.
Possible values are: STARTED or STOPPED
eventType The type of event that occurred.
Example: LifeCycle
targetName Name of the API Gateway instance reporting the event.
Example: API_Gateway_Instance

Policy Violation Events

Column Description
alertDesc Text of the alert message sent to a configured destination when the performance conditions are violated. The alert message is specified in the policy definition of an API.
Example: A violation was detected for policy (Unknown-Policyuser ): application could not be identified. Anonymous access is not allowed for this service!
alertSource Name of the API Gateway policy that generated the alert message.
Example: Unknown-Policy
alertType The type of alert generated for the event.
Example: PolicyViolation
apiId The unique identifier for the API.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b1
apiName Name of the API in which the event occurred.
Example: SampleAPI
apiVersion The system-assigned version identifier for the API.
Example: 1.0
consumerId The unique identifier for the consumer associated with the API invocation.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
consumerIp IP address of the consumer associated with the API invocation.
Example: 10.20.248.33
consumerName Name of the consumer associated with the API invocation. A consumer name is populated as unknown when API Gateway is unable to identify the consumer using a security policy that is configured for the API.
Example: SampleApplication
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
eventType The type of event that occurred.
Example: Policy Violation Event
operationName Name of the API operation that is invoked.
Example: Using a Calculator API, you can perform various operations such as addition, subtraction, multiplication, and division. When an addition operation is invoked in API Gateway, then the operation field name is populated as addInts.
responseCode The HTTP response status code that indicates success or failure of the requested operation.
Example: 200
sessionId A string the API Gateway server generates to uniquely identify each session. This is either the IS session token or the automatically generated GUID if the token is missing from the message context.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2

Performance Metrics

Column Description
apiId The unique identifier for the API.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b1
apiName Name of the API in which the event occurred.
Example: SampleAPI
apiVersion The system-assigned version identifier for the API.
Example: 1.0
availability The percentage of time that an API was available during the current interval. A value of 100 indicates that the API was always available. If invocations fail due to policy violations, this parameter could still be as high as 100.
Example: 100
avgResponseTime The average amount of time it took the API to complete each invocation in the current interval. Response time is measured from the moment API Gateway receives the request until the moment it returns the response to the caller.
Example: 135
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
eventType The type of event that occurred.
Example: Performance Metrics Event
faultCount The number of failed API invocations in the current interval.
Example: 10
includeFaults Includes failed API invocations.
Possible values are: true, false
intervalStart The starting date and time from which you want to examine metrics.
Example: 2015-08-26 04:13:35 PM
intervalStop The ending date and time until which you want to examine metrics.
Example: 2015-08-26 04:13:45 PM
maxResponseTime The maximum amount of time (in milliseconds) it took for the API to complete an invocation in the current interval.
Example: 343
minResponseTime The minimum amount of time (in milliseconds) it took for the API to complete an invocation in the current interval.
Example: 10
operationName Name of the API operation that is invoked.
Example: Using a Calculator API, you can perform various operations such as addition, subtraction, multiplication, and division. When an addition operation is invoked in API Gateway, then the operation field name is populated as addInts.
successCount The number of successful API invocations in the current interval.
Example: 100
totalCount The total number of API invocations (successful and unsuccessful) in the current interval.
Example: 110

Threat Protection Events

Column Description
alertAction A helpful action taken on the API for the alert.
Example: DENY
filterName Name of the threat protection filter.
Example: DoSFilter
message If the API invocation failed, message that describes the error that occurred.
Example: Global Denial of Service limits were reached: Maximum requests limit of 2 in 120 seconds has been exceeded.
requestHost Hostname of the machine from which the API access request was submitted.
Example: 10.60.34.152
requestTime Date and time the request was submitted.
Example: 1501671101509
requestType The type of request that was received for the API.
Example: ALL
requestUser Name of the user on API Gateway from whom the request is received.
Example: null
resourcePath The relative URI path for a resource that was used for API invocation.
Example: invoke/pub.date/getCurrentDate
responseCode The HTTP response status code that indicates success or failure of the requested operation.
Example: 200
ruleName The API Gateway rule that triggered the event.
Example: GlobalDoSRule
serverHost The name or IP address of the machine on which the thread protection server is running.
Example: 10.60.34.83
serverPort The port number on which the thread protection server is configured to listen for incoming requests.
Example: 8911

Audit Log

The runtime events and metrics payload generated by API Gateway at run-time is published to the configured Audit Log destination. The columns that make up the events and metrics data model for Audit Log are listed below:

Transactional Events

Column Description
API_ID The unique identifier for the API.
Example: ec1473cc-40a0-479e-9126-474a917c3c89
API_NAME Name of the API in which the event occurred.
Example: SampleAPI
API_VERSION The system-assigned version identifier for the API.
Example: 1.0
AUDITTIMESTAMP Date and time when the event was written to the log.
Example: 2017-08-07 07:22:22
CONSUMER_IP IP address of the consumer associated with the API invocation.
Example: 10.60.37.42
CONSUMER_NAME Name of the consumer associated with the API invocation. A consumer name is populated as unknown when API Gateway is unable to identify the consumer using a policy that is configured for the API.
Example: SampleApplication
CONTEXTID The unique identifier for the current context information API Gateway uses to connect related entries from different logs. This column is currently not used. It appears as NULL or as an empty string.
Example: 81546147-41a8-4998-8150-02ba67bb08c2
CORRELATIONID The unique identifier that is automatically generated for every request coming to API Gateway and can be used to query the log.
Example: MED38e9cfa4-2348-408b-9462-124b2181c1a6:656
CUSTOMFIELDS The custom fields an API Provider can provide to log a new field and value for a transaction event.
Example: {“customfield”:“customvalue”}
ERROR_ORIGIN The origin of error.
Example: Nativeservice
EVENT_PK The primary key (PK) that uniquely identifies the event that occurred.
Example: 1
EXTERNAL_CALLS List the external calls from API Gateway. These external calls can be to a native service or service registry.
Example: [{"externalCallType":"SERVICE_REGISTRY_CALL","externalURL":"http://service.registry.com","callDuration":49,"callStartTime":1562244570486,"callEndTime":1562244570535,"responseCode": "200"},{"externalCallType":"NATIVE_SERVICE_CALL","externalURL":"https://petstore.swagger.io/v2/store/inventory","callDuration":1285,"callStartTime":1562244569252,"callEndTime":1562244570537,"responseCode":"200"}]
INSERTTIMESTAMP Date and time when the event was generated in API Gateway.
Example: 2017-08-07 07:22:22
MSGID The ID assigned to the message by the API provider. This column is currently not used.
Example: 361dc2f8-a60b-fc21-8545-9b07fce1a479
NATIVE_ENDPOINT The endpoint URL of the native API that is invoked.
Example: http://petstore.swagger.io/v2/pet/55
NATIVE_HTTP_METHOD The HTTP method used to invoke the native service.
Example: GET.
NATIVE_REQUEST_HEADERS Request header in the incoming request from the API Gateway to native service.
Example: {"Authorization":"**************","Accept": "*/*","Authorization": "**************", "Accept":"*/*","Cache-Control": "no-cache","User-Agent": "PostmanRuntime/7.13.0","Postman-Token":"381424fa-e3b3-4058-8df9-4abf9d72c899","postmanHeader": "hello","accept-encoding": "gzip, deflate", "Content-Type": "application/x-www-form-urlencoded"}
NATIVE_REQ_PAYLOAD The native service request data.
Example: {"param1" : "value1", "param2" : 10}
NATIVE_RESPONSE_HEADERS Response header in the outgoing response from the native service to API Gateway.
Example: {"Server":"Jetty(9.2.9.v20150224)","Access-Control-Allow-Origin":"*","Access-Control-Allow-Methods": "GET, POST, DELETE,PUT","Connection":"close","Date": "Fri, 07 Jun 2019 12:44:13 GMT","Access-Control-Allow-Headers": "Content-Type,api_key, Authorization","Content-Type": "application/json"}
NATIVE_RES_PAYLOAD The native service response data.
Example: {"id":2,"category":{ "id":2, "name":"string"},"name":"pysen","photoUrls":["string"],"tags":[{"id":0, name":"string"}],"status":"available"}
NATIVE_URL URL of the native service.
Example: http://petstore.swagger.io/v2/pet/2
OPERATION_NAME Name of the API operation or resource that is invoked.
Example: /pet/{petId}
PROVIDER_TIME Time in milliseconds required for API Gateway to invoke a native provider and receive a response. This time includes the overhead incurred by API Gateway. Overhead includes the time it takes for a provider to process a request and return a response, plus any network latency to or from the provider. Subtracting total time from provider time must give a rough indicator of the API Gateway overhead.
Example: 1336
QUERY_PARAMETERS This is applicable only for REST APIs. Query parameters present in the incoming REST request.
Example: {“status”:“available”}
REQUEST_HEADERS Request header in the incoming request from the client.
Example: {"Cache-Control":"max-age=0","Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8","Upgrade-Insecure-Requests":"1","Connection":"keep-alive","User-Agent":"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36","Host":"mcdaso02:5555","Accept-Encoding":"gzip, deflate","Accept-Language":"en-US,en;q=0.9,ta;q=0.8","Content-Type":"application/x-www-form-urlencoded"}
RESPONSE_HEADERS Response header in the outgoing response.
Example: {"Server":"Jetty(9.2.9.v20150224)","Access-Control-Allow-Origin":"*","Access-Control-Allow-Methods":"GET, POST, DELETE, PUT","Connection":"close","Date":"Fri, 30 Mar 2018 08:25:45 GMT","Access-Control-Allow-Headers":"Content-Type, api_key, Authorization","Content-Type":"application/xml"}
ROOTCONTEXTID The unique identifier for the root context information API Gateway uses to connect related entries from different logs. This column is currently not used. It appears as NULL or as an empty string.
Example: 81546147-41a8-4998-8150-02ba67bb08c2
SERVERID The API Gateway server on which the transaction event occurred. This column is currently not used. It appears as NULL or as an empty string.
Example: *SampleHost:80
SERVICE_NAME Name of the service in which the event occurred.
Example: Swagger_Petstore
SESSION_ID A string the API Gateway server generates to uniquely identify each session. This is either the IS session token or the automatically generated GUID if the token is missing from the message context.
Example: 6dfcd849198c4a7e96b4ff89bc2deaf5
SOURCE_GATEWAY_NODE Source API Gateway’s IP address.
Example: 10.0.75.1
STATUS Status of the API request.
Possible values are: SUCCESS, FAILURE
TOTAL_TIME Time in milliseconds required to invoke the API provider. This time includes the overhead incurred by API Gateway. Overhead includes security overhead for encryption, decryption, and load-balance retries.
Example: 1042

CentraSite

The runtime events and metrics payload generated by API Gateway at run-time is published to the configured CentraSite destination. The columns that make up the events and metrics data model for CentraSite are listed below:

Transactional Events

Column Description
ApiUserVersion The system-assigned version identifier for the API.
Example: 1.0
Consumer Name of the consumer associated with the API invocation. A consumer name is populated as unknown when API Gateway is unable to identify the consumer using a policy that is configured for the API.
Example: SampleApplication
ConsumerId The unique identifier for the consumer associated with the API invocation.
Example: be8b27d6-8f79-4c6e-b06c-a628d2ba30c3
Consumer IP Address IP address of the consumer associated with the API invocation.
Example: 10.60.20.169
CorrelationID The unique identifier that is automatically generated for every request coming to API Gateway and can be used to query the log.
Example: MED38e9cfa4-2348-408b-9462-124b2181c1a6:656
Created Time Date and time when the event was generated in API Gateway.
Example: 2017-08-09 01:27:45 AM
CustomFields The custom fields an API Provider can provide to log a new field and value for a transaction event.
Example: {“customfield”:“customvalue”}
ErrorOrigin The origin of error.
Example: Nativeservice
Event Type The type of event that occurred.
Example: Transaction Event
External Calls List the external calls from API Gateway. These external calls can be to a native service or service registry.
Example: [{"externalCallType":"SERVICE_REGISTRY_CALL","externalURL":"http://service.registry.com","callDuration":49,"callStartTime":1562244570486,"callEndTime":1562244570535,"responseCode": "200"},{"externalCallType":"NATIVE_SERVICE_CALL","externalURL":"https://petstore.swagger.io/v2/store/inventory","callDuration":1285,"callStartTime":1562244569252,"callEndTime":1562244570537,"responseCode":"200"}]
Native HTTP Method The HTTP method used to invoke the native service.
Example: GET.
Native Request Headers Request header in the incoming request from the API Gateway to native service.
Example: {"Authorization":"**************","Accept": "*/*","Authorization": "**************", "Accept":"*/*","Cache-Control": "no-cache","User-Agent": "PostmanRuntime/7.13.0","Postman-Token":"381424fa-e3b3-4058-8df9-4abf9d72c899", "postmanHeader": "hello","accept-encoding": "gzip, deflate", "Content-Type": "application/x-www-form-urlencoded"}
Native Req Payload The native service request data.
Example: {"param1" : "value1", "param2" : 10}
Native Response Headers Response header in the outgoing response from the native service to API Gateway.
Example: {"Server":"Jetty(9.2.9.v20150224)","Access-Control-Allow-Origin":"*","Access-Control-Allow-Methods": "GET, POST, DELETE,PUT","Connection":"close","Date": "Fri, 07 Jun 2019 12:44:13 GMT","Access-Control-Allow-Headers": "Content-Type,api_key, Authorization","Content-Type": "application/json"}
Native Res Payload The native service response data.
Example: {"id":2,"category":{ "id":2, "name":"string"},"name":"pysen","photoUrls":["string"],"tags":[{"id":0, name":"string"}],"status":"available"}
Native URL URL of the native service.
Example: http://petstore.swagger.io/v2/pet/2
PartnerId The unique identifier for the partner that generated the audit record.
Example: unknown
Provider Round Trip Time Time in milliseconds required for API Gateway to invoke a native provider and receive a response. This time includes the overhead incurred by API Gateway. Overhead includes the time it takes for a provider to process a request and return a response, plus any network latency to or from the provider. Subtracting total time from provider time must give a rough indicator of the API Gateway overhead.
Example: 1700
queryParameters This is applicable only for REST APIs. Query parameters present in the incoming REST request.
Example: {“status”:“available”}
requestHeaders Request header in the incoming request from the client.
Example: {"Cache-Control":"max-age=0","Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8","Upgrade-Insecure-Requests":"1","Connection":"keep-alive","User-Agent":"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36","Host":"mcdaso02:5555","Accept-Encoding":"gzip, deflate","Accept-Language":"en-US,en;q=0.9,ta;q=0.8","Content-Type":"application/x-www-form-urlencoded"}
RequestPayload The API request payload data.
Example: <RequestPayload>
responseHeaders Response header in the outgoing response.
Example: `{“Server”:“Jetty(9.2.9.v20150224)”,“Access-Control-Allow-Origin”:”*“,“Access-Control-Allow-Methods”:“GET, POST, DELETE, PUT”,“Connection”:“close”,“Date”:“Fri, 30 Mar 2018 08:25:45 GMT”,“Access-Control-Allow-Headers”:“Content-Type, api_key, Authorization”,“Content-Type”
ResponsePayload The API response payload data.
Example: <ResponsePayload>
sourceGatewayNode Source API Gateway’s IP address.
Example: 10.0.75.1
Total Round Trip time Time in milliseconds required to invoke the API provider. This time includes the overhead incurred by API Gateway. Overhead includes security overhead for encryption, decryption, and load-balance retries.
Example: 1707
Gateway Name of the API Gateway instance reporting the event.
Example: API_Gateway_Instance
Request Status Status of the API request. Possible values are: SUCCESS, FAILURE

Error Events

Column Description
ApiUserVersion The system-assigned version identifier for the API.
Example: 1.0
Consumer Name of the consumer associated with the API invocation. A consumer name is populated as unknown when API Gateway is unable to identify the consumer using a policy that is configured for the API.
Example: SampleApplication
ConsumerId The unique identifier for the consumer associated with the API invocation.
Example: be8b27d6-8f79-4c6e-b06c-a628d2ba30c3
Consumer IP Address IP address of the consumer associated with the API invocation.
Example: 10.60.20.169
correlationID The unique identifier that is automatically generated for every request coming to API Gateway and can be used to query the log.
Example: MED38e9cfa4-2348-408b-9462-124b2181c1a6:656
Created Time Date and time when the event was generated in API Gateway.
Example: 2017-08-09 08:24:04 AM
Error Source The source where the error occurred.
Example: e1cc3c7b-495d-11e7-a5a6-88cf17308ba4
Error Description Message that describes the error that occurred.
Example: Resource / not found
Event Type The type of event that occurred.
Example: Error Event
Gateway Name of the API Gateway instance reporting the event.
Example: API_Gateway_Instance

Monitoring Events

Column Description
ApiUserVersion The system-assigned version identifier for the API.
Example: 1.0
Alert Source Name of the API Gateway policy that generated the alert message.
Example: Monitorpolicy, EnforcePolicy-HardLimit
Alert Type The type of alert generated for the event.
Possible values are: Monitor, Sla
Alert Description Text of the alert message sent to a configured destination when the performance conditions are violated. The alert message is specified in the policy definition of an API.
Example: MSLA_ALERT MESSAGE
Consumer Name of the consumer associated with the API invocation. A consumer name is populated as unknown when API Gateway is unable to identify the consumer using a policy that is configured for the API.
Example: SUCRQ_App
ConsumerId The unique identifier for the consumer associated with the API invocation.
Example: d0e2e008-1890-4f2c-8a91-7678cb92dbfb
Consumer IP Address IP address of the consumer associated with the API invocation.
Example: 10.60.37.118
Created Time Date and time when the event was generated in API Gateway.
Example: 2017-08-08 02:27:34 PM
Event Type The type of event that occurred.
Example: Monitoring Event
Error Description Message that describes the error that occurred.
Example: Resource / not found
Gateway Name of the API Gateway instance reporting the event.
Example: API_Gateway_Instance
Monitored Attribute The monitored attribute which has breached the configured SLA.
Example: AVGRESPONSETIME GT 1.0, SUCCESSCOUNT EQ 3, REQUESTCOUNT GT 10

Policy Violation Events

Column Description
ApiUserVersion The system-assigned version identifier for the API.
Example: 1.0
Alert Source Name of the API Gateway policy that generated the alert message.
Example: Unknown-Policy
Alert Type The type of alert generated for the event.
Example: PolicyViolation
Alert Description Text of the alert message sent to a configured destination when the performance conditions are violated. The alert message is specified in the policy definition of an API.
Example: A violation of policy was detected : Unable to identify the application for the request
Consumer Name of the consumer associated with the API invocation. A consumer name is populated as unknown when API Gateway is unable to identify the consumer using a policy that is configured for the API.
Example: unknown
ConsumerId The unique identifier for the consumer associated with the API invocation.
Example: unknown
Consumer IP Address IP address of the consumer associated with the API invocation.
Example: 10.60.37.118
Created Time Date and time when the event was generated in API Gateway.
Example: 2017-08-09 08:25:52 AM
Event Type The type of event that occurred.
Example: Policy Violation Event
Gateway Name of the API Gateway instance reporting the event.
Example: API_Gateway_Instance

Lifecycle Events

Column Description
TimeStamp Date and time when the event was generated in API Gateway.
Example: 2017-08-26 04:13:35 PM
Target Name of the API Gateway instance reporting the event.
Example: API_Gateway_Instance
LifeCycleStatus Status of the API Gateway instance.
Possible values are: STARTED or STOPPED
LifeCycleAlertDescription The alert notification message for the lifecycle event.
Example: Alert_Message

Elasticsearch

The runtime events and metrics payload generated by API Gateway at run-time is published to the configured Elasticsearch destination. The columns that make up the events and metrics data model for Elasticsearch are listed below:

Transactional Events

Column Description
apiId The unique identifier for the API.
Example: af70b2de-c9c5-4f40-94be-7d8622743e42
apiName Name of the API in which the event occurred.
Example: SampleAPI
apiVersion The system-assigned version identifier for the API.
Example: 1.0
applicationId The unique identifier for the application associated with the API invocation.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
applicationIp IP address of the application associated with the API invocation.
Example: 10.60.37.42
applicationName Name of the application associated with the API invocation. An application name is populated as unknown when API Gateway is unable to identify the application using a security policy that is configured for the API.
Example: SampleApplication
cachedResponse Indicates whether the response is sent to the client from the cached data present in API Gateway through the Service result caching policy or the response is received from Native service and sent to client.
Possible values are: Cached, Not-Cached
correlationID The unique identifier that is automatically generated for every request coming to API Gateway and can be used to query the log.
Example: MED38e9cfa4-2348-408b-9462-124b2181c1a6:656
isCallbackRequest Indicates whether the event is generated for a callback request.
Possible values are:
  • true. This denotes that the event is generated for a callback request.
  • false. This denotes that the event is generated for a normal response.
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
customFields The custom fields an API Provider can provide to log a new field and value for a transaction event.
Example: {“customfield”:“customvalue”}
errorOrigin The origin of error.
Example: Nativeservice
eventType The type of event that occurred.
Example: Transactional
externalCalls List the external calls from API Gateway. These external calls can be to a native service or service registry.
Example: [{"externalCallType":"SERVICE_REGISTRY_CALL","externalURL":"http://service.registry.com","callDuration":49,"callStartTime":1562244570486,"callEndTime":1562244570535,"responseCode": "200"},{"externalCallType":"NATIVE_SERVICE_CALL","externalURL":"https://petstore.swagger.io/v2/store/inventory","callDuration":1285,"callStartTime":1562244569252,"callEndTime":1562244570537,"responseCode":"200"}]
httpMethod The HTTP method used to invoke the API.
Example: GET
messageType This is applicable only for WebSocket APIs. This indicates the type of a WebSocket message.
Possible values are: binary, text
nativeHttpMethod The HTTP method used to invoke the native service.
Example: GET.
nativeRequestHeaders Request header in the incoming request from the API Gateway to native service.
Example: {"Authorization":"**************","Accept": "*/*","Authorization": "**************", "Accept":"*/*","Cache-Control": "no-cache","User-Agent": "PostmanRuntime/7.13.0","Postman-Token":"381424fa-e3b3-4058-8df9-4abf9d72c899", "postmanHeader": "hello","accept-encoding": "gzip, deflate", "Content-Type": "application/x-www-form-urlencoded"}
nativeReqPayload The native service request data.
Example: {"param1" : "value1", "param2" : 10}
nativeResponseHeaders Response header in the outgoing response from the native service to API Gateway.
Example: {"Server":"Jetty(9.2.9.v20150224)","Access-Control-Allow-Origin":"*","Access-Control-Allow-Methods": "GET, POST, DELETE,PUT","Connection":"close","Date": "Fri, 07 Jun 2019 12:44:13 GMT","Access-Control-Allow-Headers": "Content-Type,api_key, Authorization","Content-Type": "application/json"}
nativeResPayload The native service response data.
Example: {"id":2,"category":{ "id":2, "name":"string"},"name":"pysen","photoUrls":["string"],"tags":[{"id":0, name":"string"}],"status":"available"}
nativeURL URL of the native service.
Example: http://petstore.swagger.io/v2/pet/2
operationName Name of the API operation that is invoked.
Example: /pet/{petId}
packageId The unique identifier for the API package.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
packageName Name of the API package.
Example: Travel Package
planId The unique identifier for the API plan.
Example: d0f84954-9732-11e5-b9f4-f159eafe47b2
planName Name of the API plan.
Example: Gold Plan
providerTime Time in milliseconds required for API Gateway to invoke a native provider and receive a response. This time includes the overhead incurred by API Gateway. Overhead includes the time it takes for a provider to process a request and return a response, plus any network latency to or from the provider. Subtracting total time from provider time must give a rough indicator of the API Gateway overhead.
Example: 1367
queryParameteres This is applicable only for REST APIs. Query parameters present in the incoming REST request.
Example: {“status”:“available”}
reqPayload The API request payload data.
Example: <RequestPayload>
requestHeaders Request header in the incoming request from the client.
Example: {"Cache-Control":"max-age=0","Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8","Upgrade-Insecure-Requests":"1","Connection":"keep-alive","User-Agent":"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36","Host":"mcdaso02:5555","Accept-Encoding":"gzip, deflate","Accept-Language":"en-US,en;q=0.9,ta;q=0.8","Content-Type":"application/x-www-form-urlencoded"}
resPayload The API response payload data.
Example: <ResponsePayload>
responseCode The HTTP response status code that indicates success or failure of the requested operation.
Example: 404
responseHeaders Response header in the outgoing response.
Example: {"Server":"Jetty(9.2.9.v20150224)","Access-Control-Allow-Origin":"*","Access-Control-Allow-Methods":"GET, POST, DELETE, PUT","Connection":"close","Date":"Fri, 30 Mar 2018 08:25:45 GMT","Access-Control-Allow-Headers":"Content-Type, api_key, Authorization","Content-Type":"application/xml"}
sourceGatewayNode Source API Gateway’s IP address.
Example: 10.0.75.1
status Status of the API request.
Possible values are: SUCCESS, FAILURE
totalDataSize The total combined size of request and response payloads in bytes.
Example: 51
totalTime Time in milliseconds required to invoke the API provider. This time includes the overhead incurred by API Gateway. Overhead includes security overhead for encryption, decryption, and load-balance retries.
Example: 1401

Error Events

Column Description
apiId The unique identifier for the API.
Example: af70b2de-c9c5-4f40-94be-7d8622743e42
apiName Name of the API in which the event occurred.
Example: SampleAPI
apiVersion The system-assigned version identifier for the API.
Example: 1.0
applicationId The unique identifier for the application associated with the API invocation.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
applicationIp IP address of the application associated with the API invocation.
Example: 10.60.37.42
applicationName Name of the application associated with the API invocation. An application name is populated as unknown when API Gateway is unable to identify the application using a security policy that is configured for the API.
Example: SampleApplication
correlationID The unique identifier that is automatically generated for every request coming to API Gateway and can be used to query the log.
Example: MED38e9cfa4-2348-408b-9462-124b2181c1a6:656
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
errorDesc Message that describes the error that occurred.
Example: Native service provider error. Code : 404
eventSource The source where the event occurred.
Example: API_Gateway_Instance
eventType The type of event that occurred.
Example: Error
httpMethod The HTTP method used to invoke the API.
Example: GET
operationName Name of the API operation that is invoked.
Example: /pet/{petId}
responseCode The HTTP response status code that indicates success or failure of the requested operation.
Example: 404

Monitoring Events

Column Description
alertDesc Text of the alert message sent to a configured destination when the performance conditions are violated. The alert message is specified in the policy definition of an API.
Example: EnforcePolicy-HardLimit
alertSource Name of the API Gateway policy that generated the alert message.
Example: Monitorpolicy
alertType The type of alert generated for the event.
Example: Monitor
apiId The unique identifier for the API.
Example: af70b2de-c9c5-4f40-94be-7d8622743e42
apiName Name of the API in which the event occurred.
Example: SampleAPI
apiVersion The system-assigned version identifier for the API.
Example: 1.0
applicationId The unique identifier for the application associated with the API invocation.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
applicationIp IP address of the application associated with the API invocation.
Example: 10.60.37.42
applicationName Name of the application associated with the API invocation. An application name is populated as unknown when API Gateway is unable to identify the application using a security policy that is configured for the API.
Example: SampleApplication
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
eventSource The source where the event occurred.
Example: API_Gateway_Instance
eventType The type of event that occurred.
Example: Monitor
httpMethod The HTTP method used to request the API access.
Example: GET
monitorAttr The monitored attribute which has breached the configured SLA.
Example: AVGRESPONSETIME GT 1.0, SUCCESSCOUNT EQ 3, REQUESTCOUNT GT 10
operationName Name of the API operation that is invoked.
Example: /pet/{petId}
responseCode The HTTP response status code that indicates success or failure of the requested operation.
Example: 200

Policy Violation Events

Column Description
alertDesc Text of the alert message sent to a configured destination when the performance conditions are violated. The alert message is specified in the policy definition of an API.
Example: A violation was detected for policy (Unknown-Policyuser ): application could not be identified. Anonymous access is not allowed for this service!
alertSource Name of the API Gateway policy that generated the alert message.
Example: Unknown-Policy
alertType The type of alert generated for the event.
Example: PolicyViolation
apiId The unique identifier for the API.
Example: af70b2de-c9c5-4f40-94be-7d8622743e42
apiName Name of the API in which the event occurred.
Example: SampleAPI
apiVersion The system-assigned version identifier for the API.
Example: 1.0
applicationId The unique identifier for the application associated with the API invocation.
Example: 9434e90d-65c3-4e37-8ccb-595b8df3e645
applicationIp IP address of the application associated with the API invocation.
Example: 10.60.37.42
applicationName Name of the application associated with the API invocation. An application name is populated as unknown when API Gateway is unable to identify the application using a security policy that is configured for the API.
Example: SampleApplication
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
eventSource The source where the event occurred.
Example: API_Gateway_Instance
eventType The type of event that occurred.
Example: PolicyViolation
httpMethod The HTTP method used to request the API access.
Example: GET
operationName Name of the API operation that is invoked.
Example: /pet/{petId}
responseCode The HTTP response status code that indicates success or failure of the requested operation.
Example: 503

Performance Metrics

Column Description
apiId The unique identifier for the API.
Example: af70b2de-c9c5-4f40-94be-7d8622743e42
apiName Name of the API in which the event occurred.
Example: SampleAPI
apiVersion The system-assigned version identifier for the API.
Example: 1.0
availability The percentage of time that an API was available during the current interval. A value of 100 indicates that the API was always available. If invocations fail due to policy violations, this parameter could still be as high as 100.
Example: 100.0
avgResponseTime The average amount of time it took the API to complete each invocation in the current interval. Response time is measured from the moment API Gateway receives the request until the moment it returns the response to the caller.
Example: 1376
creationDate Date and time when the event was generated in API Gateway.
Example: 1501671101509
eventType The type of event that occurred.
Example: PerformanceData
faultCount The number of failed API invocations in the current interval.
Example: 1
includeFaults Includes failed API invocations.
Possible values are: true, false
intervalStart The starting date and time from which you want to examine metrics.
Example: 02 Aug 2017 10:51:31 GMT
intervalStop The ending date and time until which you want to examine metrics.
Example: 02 Aug 2017 10:52:31 GMT
maxResponseTime The maximum amount of time (in milliseconds) it took for the API to complete an invocation in the current interval.
Example: 1401
minResponseTime The minimum amount of time (in milliseconds) it took for the API to complete an invocation in the current interval.
Example: 1352
operationName Name of the API operation that is invoked.
Example: /pet/{petId}
successCount The number of successful API invocations in the current interval.
Example: 1
totalCount The total number of API invocations (successful and unsuccessful) in the current interval.
Example: 2

Email

The runtime events and metrics payload generated by API Gateway at run-time is published to the configured Email destination. The columns that make up the events and metrics data model for Email are listed below:

Transactional Events

Column Description
API Name of the API in which the event occurred.
Example: SampleAPI
CorrelationID The unique identifier that is automatically generated for every request coming to API Gateway and can be used to query the log.
Example: MED38e9cfa4-2348-408b-9462-124b2181c1a6:656
CustomFields The custom fields an API Provider can provide to log a new field and value for a transaction event.
Example: {“customfield”:“customvalue”}
Description Message that describes the date and time the API was invoked and the application associated with the API invocation. Invoked at 4/24/18 1:50 PM Consumer Name: Unknown Consumer ID: Unknown
ErrorOrigin The origin of error.
Example: Nativeservice
External Calls List the external calls from API Gateway. These external calls can be to a native service or service registry.
Example: [{"externalCallType":"SERVICE_REGISTRY_CALL","externalURL":"http://service.registry.com","callDuration":49,"callStartTime":1562244570486,"callEndTime":1562244570535,"responseCode": "200"},{"externalCallType":"NATIVE_SERVICE_CALL","externalURL":"https://petstore.swagger.io/v2/store/inventory","callDuration":1285,"callStartTime":1562244569252,"callEndTime":1562244570537,"responseCode":"200"}]
Native Endpoint The endpoint URL of the native API being invoked.
Example: http://petstore.swagger.io/v2/pet/55
Native HTTP Method The HTTP method used to invoke the native service.
Example: GET.
Native Request Headers Request header in the incoming request from the API Gateway to native service.
Example: {"Authorization":"**************","Accept": "*/*","Authorization": "**************", "Accept":"*/*","Cache-Control": "no-cache","User-Agent": "PostmanRuntime/7.13.0","Postman-Token":"381424fa-e3b3-4058-8df9-4abf9d72c899", "postmanHeader": "hello","accept-encoding": "gzip, deflate", "Content-Type": "application/x-www-form-urlencoded"}
Native Req Payload The native service request data.
Example: {"param1" : "value1", "param2" : 10}
Native Response Headers Response header in the outgoing response from the native service to API Gateway.
Example: {"Server":"Jetty(9.2.9.v20150224)","Access-Control-Allow-Origin":"*","Access-Control-Allow-Methods": "GET, POST, DELETE,PUT","Connection":"close","Date": "Fri, 07 Jun 2019 12:44:13 GMT","Access-Control-Allow-Headers": "Content-Type,api_key, Authorization","Content-Type": "application/json"}
Native Res Payload The native service response data.
Example: {"id":2,"category":{ "id":2, "name":"string"},"name":"pysen","photoUrls":["string"],"tags":[{"id":0, name":"string"}],"status":"available"}
Native URL URL of the native service.
Example: http://petstore.swagger.io/v2/pet/2
Operation/Resource Name Name of the operation or resource that is being invoked on the API.
Example: /pet/{petId}
QueryParameters This is applicable only for REST APIs. Query parameters present in the incoming REST request.
Example: {“status”:“available”}
RequestHeaders Request header in the incoming request from the client.
Example: {"Cache-Control":"max-age=0","Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8","Upgrade-Insecure-Requests":"1","Connection":"keep-alive","User-Agent":"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36","Host":"mcdaso02:5555","Accept-Encoding":"gzip, deflate","Accept-Language":"en-US,en;q=0.9,ta;q=0.8","Content-Type":"application/x-www-form-urlencoded"}
ResponseHeaders Response header in the outgoing response.
Example: {"Server":"Jetty(9.2.9.v20150224)","Access-Control-Allow-Origin":"*","Access-Control-Allow-Methods":"GET, POST, DELETE, PUT","Connection":"close","Date":"Fri, 30 Mar 2018 08:25:45 GMT","Access-Control-Allow-Headers":"Content-Type, api_key, Authorization","Content-Type":"application/xml"}
Runtime Policy Name of the runtime policy that is enforced on the API.
Example: Log Invocation
Source Gateway Node Source API Gateway’s IP address.
Example: 10.0.75.1
Status Status of the API invocation.
Possible values are: SUCCESS, FAILURE
Version The system-assigned version identifier for the API.
Example: 1.0

Monitoring Events

Column Description
API Name of the API in which the event occurred.
Example: SampleAPI
Action Type The type of alert generated for the event.
Example: Monitor
Alert Message Text of the alert message sent to a configured destination when the performance conditions are violated. The alert message is specified in the policy definition of an API.
Example: Test
Attribute The monitored attribute which has breached the configured SLA.
Example: AVGRESPONSETIME GT 1.0, SUCCESSCOUNT EQ 3, REQUESTCOUNT GT 10
Consumer ID The unique identifier for the consumer associated with the API invocation.
Example: c0f84954-9732-11e5-b9f4-f159eafe47b2
Consumer Name Name of the consumer associated with the API invocation. A consumer name is populated as unknown when API Gateway is unable to identify the consumer using a policy that is configured for the API.
Example: SampleApplication
Native Endpoint The endpoint URL of the native API that is being invoked.
Example: http://petstore.swagger.io/v2/pet/55
Operation/Resource Name Name of the operation or resource that is being invoked on the API.
Example: /pet/{petId}
Runtime Policy Name of the runtime policy that is enforced on the API.
Example: Log Invocation
Version The system-assigned version identifier for the API.
Example: 1.0

Local Log

The runtime events and metrics payload generated by API Gateway at run-time is published to the configured Local Log destination. The columns that make up the events and metrics data model for Local Log are listed below:

Transactional Events

Column Description
API Name of the API in which the event occurred.
Example: SampleAPI
API Version The system-assigned version identifier for the API.
Example: 1.0.0
Application ID The unique identifier for the application associated with the API invocation.
Example: 7908eb44-d107-4670-929d-89111fc9347c
Application IP Address IP address of the application associated with the API invocation.
Example: 10.60.37.42
Application Name Name of the application associated with the API invocation. An application name is populated as unknown when API Gateway is unable to identify the application using a security policy that is configured for the API.
Example: SampleApplication
Correlation ID The unique identifier that is automatically generated for every request coming to API Gateway and can be used to query the log.
Example: MED38e9cfa4-2348-408b-9462-124b2181c1a6:656
customFields The custom fields an API Provider can provide to log a new field and value for a transaction event.
Example: {“customfield”:“customvalue”}
Error Origin The origin of error.
Example: Nativeservice
External Calls List the external calls from API Gateway. These external calls can be to a native service or service registry.
Example: [{"externalCallType":"SERVICE_REGISTRY_CALL","externalURL":"http://service.registry.com","callDuration":49,"callStartTime":1562244570486,"callEndTime":1562244570535,"responseCode": "200"},{"externalCallType":"NATIVE_SERVICE_CALL","externalURL":"https://petstore.swagger.io/v2/store/inventory","callDuration":1285,"callStartTime":1562244569252,"callEndTime":1562244570537,"responseCode":"200"}]
Invoked at Date and time the API is invoked.
Example: Invoked at 5/14/18 6:56 PM
Native HTTP Method The HTTP method used to invoke the native service.
Example: GET.
Native Request Headers Request header in the incoming request from the API Gateway to native service.
Example: {"Authorization":"**************","Accept": "*/*","Authorization": "**************", "Accept":"*/*","Cache-Control": "no-cache","User-Agent": "PostmanRuntime/7.13.0","Postman-Token":"381424fa-e3b3-4058-8df9-4abf9d72c899", "postmanHeader": "hello","accept-encoding": "gzip, deflate", "Content-Type": "application/x-www-form-urlencoded"}
Native Req Payload The native service request data.
Example: {"param1" : "value1", "param2" : 10}
Native Response Headers Response header in the outgoing response from the native service to API Gateway.
Example: {"Server":"Jetty(9.2.9.v20150224)","Access-Control-Allow-Origin":"*","Access-Control-Allow-Methods": "GET, POST, DELETE,PUT","Connection":"close","Date": "Fri, 07 Jun 2019 12:44:13 GMT","Access-Control-Allow-Headers": "Content-Type,api_key, Authorization","Content-Type": "application/json"}
Native Res Payload The native service response data.
Example: {"id":2,"category":{ "id":2, "name":"string"},"name":"pysen","photoUrls":["string"],"tags":[{"id":0, name":"string"}],"status":"available"}
Native URL URL of the native service.
Example: http://petstore.swagger.io/v2/pet/2
Operation/Resource name Name of the API operation or resource that is invoked.
Example: /pet
Partner ID The unique identifier for the partner that generated the audit record.
Example: unknown
QueryParameters This is applicable only for REST APIs. Query parameters present in the incoming REST request.
Example: {“status”:“available”}
RequestHeaders Request header in the incoming request from the client.
Example: {"Cache-Control":"max-age=0","Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8","Upgrade-Insecure-Requests":"1","Connection":"keep-alive","User-Agent":"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36","Host":"mcdaso02:5555","Accept-Encoding":"gzip, deflate","Accept-Language":"en-US,en;q=0.9,ta;q=0.8","Content-Type":"application/x-www-form-urlencoded"}
ResponseHeaders Response header in the outgoing response.
Example: {"Server":"Jetty(9.2.9.v20150224)","Access-Control-Allow-Origin":"*","Access-Control-Allow-Methods":"GET, POST, DELETE, PUT","Connection":"close","Date":"Fri, 30 Mar 2018 08:25:45 GMT","Access-Control-Allow-Headers":"Content-Type, api_key, Authorization","Content-Type":"application/xml"}
Runtime Policy Name of the API Gateway policy that triggered the event.
Example: Log Invocation
Session Id A string the API Gateway server generates to uniquely identify each session. This is either the IS session token or the automatically generated GUID if the token is missing from the message context.
Example: 81439d366e874bc79d9f81490e30e6e0
Source Gateway Node Source API Gateway’s IP address.
Example: 10.0.75.1
Status Status of the API request.
Possible values are: SUCCESS, FAILURE
Target endpoint The endpoint URL of the native API that is invoked.
Example: http://petstore.swagger.io/v2/pet/55

Monitoring Events

Column Description
Application ID The unique identifier for the application associated with the API invocation.
Example: 7908eb44-d107-4670-929d-89111fc9347c
Application IP IP address of the application associated with the API invocation.
Example: 10.60.37.42
Breached attribute The monitored attribute which has breached the configured SLA.
Example: AVGRESPONSETIME GT 1.0, SUCCESSCOUNT EQ 3, REQUESTCOUNT EQ 1
Description Message that describes the event that occurred.
Example: Alert_Message
Name Name of the application associated with the API invocation. An application name is populated as Unknown when API Gateway is unable to identify the application using a security policy that is configured for the API.
Example: Unknown
Native Endpoint The endpoint URL of the native API that is invoked.
Example: http://petstore.swagger.io/v2/pet/55
Operation/Resource name Name of the API operation or resource that is invoked.
Example: /pet
Policy name Name of the API Gateway policy that triggered the event.
Example: Monitor Policy