Auditing and tracking transactions

Document ID : KB000094126
Last Modified Date : 02/05/2018
Show Technical Document Details
Introduction:
Auditing problems for CA solution looking to link transaction from SSO AG to APIM auditing
Background:
Client flow as followed each CA product process requests to CA SSO Policy server
Client Browser -> F5 > CA Access Gateway -> F5 -_ CA APIM Gateway (OAuth)
 
Each product logs requests when processed, however not sure how to link transaction to get a complete flow of each request
 
Environment:
Client browser request to F5 load balancer, sends to CA SSO Access Gateway (R12.7), proxy to F5 load balancer, sends to CA APIM Gateway (9.2 Cr7)

 
Instructions:
CA SSO products logs TransactionID for each unique requested processed through Agent/Access Gateway to the policy server
CA APIM include SSO SDK agent for isProtect(), login() and isAuthorized() calls you can set variable for TransactionID then log it to audit records
 
Example:
Set a variable as following
        <L7p:SetVariable>
            stringValue=" ${request.http.header.sm_transactionid}"/>
            VariableToSet stringValue="SSOTransactionID1"/>
        </L7p:SetVariable>
 
APIM Results:
SSOTransactionID1 = {String} "133d5d1b-18f98084-8c74688f-1f07fc71-bfe3cb39-0c"
 
SSO AG log:
[04/06/2018][14:10:42.749][31168][140393767573248][ProxyValve.java][ProxyValve::invoke][133d5d1b-18f98084-8c74688f-1f07fc71-bfe3cb39-0c][Entering the agent.]
.
.
 [04/06/2018][14:10:42.754][31168][140393767573248][com.ca.proxy.apache.httpclient.SPSClient][execute][133d5d1b-18f98084-8c74688f-1f07fc71-bfe3cb39-0c][Sending request to backend = mcqst02-ssg930-2.ca.com:8080 url = http://mcqst02-ssg930-2.ca.com:8080/bell]
 
The Policy server trace the TransactionID is capture in the data field:
[04/06/2018][14:10:42.860][4043][139923602585344][SmMessage.cpp:557][CSmMessage::ParseAgentMessage][s2/r1296][133d5d1b-18f98084-8c74688f-1f07fc71-bfe3cb39-0c][Receive request attribute 221, data size is 47]