Audit messages for HTTP 404 errors returned by the Gateway are currently built as INFO warning messages. This will result in those messages being lost if the audit message threshold is set to WARNING or SEVERE. This is intentional as a client application could--either maliciously or innocently--generate an excessive quantity of audit records by hammering the Gateway with requests that would result in HTTP 404 errors. HTTP 404 errors are audited at the INFO severity to make them available without a significant increase in verbosity while keeping the audits limited to high visibility issues. If setting the audit message threshold to INFO is not desirable--as it does audit significantly more data--then an administrator can leverage the audit.setDetailLevel property to elevate it under certain circumstances.?
Setting the following cluster-wide properties as follows will capture?the request URI or requested service that generated an HTTP 404 from the Gateway and present it as an audit detail:
If these properties are set appropriately then the following audit message (and accompanying audit details) will be visible in the Gateway Audit Event Viewer for an HTTP request inbound to the Gateway that attempts to consume a SOAP service with an invalid request:
- audit.detailThreshold?= INFO
- audit.messageThreshold?= WARNING
- audit.setDetailLevel.WARNING?= 3212
NONE 165548 Gateway1 20140814 09:23:02.596 WARNING Message was not processed: Service Not Found. The request may have been sent to an invalid URL, or intended for an unsupported operation. (404)?
20140814 09:23:02.595 INFO 3212 Resolved "Warehouse" service (#884798) but request does not match any operation in the service's WSDL?
20140814 09:23:02.595 INFO 3005 Service not found?
20140814 09:23:02.596 INFO 3017 Policy evaluation for service resulted in status 404 (Service Not Found. The request may have been sent to an invalid URL, or intended for an unsupported operation.)?