Capture API calls from SoftwareAG webMethods API Gateway to your own security data lake using AWS Lambda.
Click the Launch Stack button below to deploy all necessary resources as a CloudFormation stack:
This creates, configures and deploys a Lambda function with its corresponding CloudWatch log group, together with a basic IAM role and policy for Lambda execution.
Select the Event Source, and enter the Resurface URL and Resurface Rules parameters. Each corresponds to the EVENT_SOURCE, USAGE_LOGGERS_URL, and USAGE_LOGGERS_RULES environment variables, respectively.
Take note of the function name as well as its URL. Both can be found on the Outputs tab once CloudFormation finishes the stack deployment.
- Clone repo
git clone https://github.com/resurfaceio/aws-lambda.git
cd aws-lambda
- Install dependencies
npm install resurfaceio-logger --save
- Make zip file
zip -r logger-lambda.zip *
- Create new Lambda function. Remember to enable the function URL when creating the function. Take note of this URL as well as the function's name.
- Using the AWS console, go to the Code section of your Lambda function. Click Upload from, then .zip file, and select the logger-lambda.zip file that you just created.
- Add the necessary environment variables USAGE_LOGGERS_URL and EVENT_SOURCE in accordance with your use case.
- Create a new AWS alias if it doesn't exist already by navigating to Administration > AWS Configuration > Add new AWS account in your webMethods gateway.
- Navigate to Administration > Destinations > Custom destinations and create an AWS Lambda custom destination.
- Go to Policies > Global policies and enable the Transaction logging global policy.
- Configure the Transaction logging policy by navigating to Policies > Transaction logging > Log Invocation. Once there:
  - Enable Store Request Headers, Store Request Payload, Store Response Headers, and Store Response Payload.
  - Set Log Generation Frequency to Always.
  - Select the AWS Lambda custom destination that was just created.
- Make calls to an active API endpoint. Verify that data flows into Resurface accordingly.
This Lambda function has access to five environment variables, but only two of them are required for the logger to work properly.
The environment variable EVENT_SOURCE stores a string that identifies the library to use when parsing data from each incoming event. For example, by setting the variable to "softwareag", the function is then able to read event data sent by the Software AG webMethods API Gateway. See capturing data from custom events for more info on the currently available event sources, as well as how to adapt this function to your own event sources.
The environment variable USAGE_LOGGERS_URL stores this address, which by default should be the string "http://localhost:7701/message". See running Resurface locally for more info.
The environment variable USAGE_LOGGERS_RULES stores these logging rules as a string. Even though this variable is optional, it is recommended to set it to "include debug" or "allow_http_url" when trying the Lambda function for the first time.
If you are working with large response payloads and don't want to log the whole thing, you can use the environment variable USAGE_LOGGERS_LIMIT. It stores an integer value corresponding to the number of bytes after which a response body will not be logged (by default, this upper limit is 1 MiB).
By setting the environment variable USAGE_LOGGERS_DISABLE to true, the logger will be disabled and no API calls will be logged.
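A preflight check for the five variables described above, written as an added example; it is not code from the aws-lambda repository or from resurfaceio-logger. The function name checkLoggerEnv, its return shape and its messages are hypothetical, and the sample values are constructed from the defaults quoted on this page.

```javascript
// Added example: preflight check for the variables described on this page.
// checkLoggerEnv and its messages are hypothetical, not resurfaceio-logger code.
const DEFAULT_LIMIT = 1024 * 1024; // 1 MiB default stated on this page

function checkLoggerEnv(env) {
  const errors = [];
  const warnings = [];

  // USAGE_LOGGERS_DISABLE=true turns logging off; nothing else is checked.
  if (env.USAGE_LOGGERS_DISABLE === "true") {
    return { enabled: false, limit: null, errors, warnings };
  }

  // The two variables the manual setup steps call necessary.
  if (!env.EVENT_SOURCE) errors.push("EVENT_SOURCE is not set");
  let url = null;
  try {
    url = new URL(env.USAGE_LOGGERS_URL);
  } catch (e) {
    errors.push("USAGE_LOGGERS_URL is missing or not a valid URL");
  }

  // Stored headers and payloads travel to this URL; flag cleartext transport
  // to anything other than the local host.
  const local = ["localhost", "127.0.0.1", "[::1]"];
  if (url && url.protocol === "http:" && !local.includes(url.hostname)) {
    warnings.push("USAGE_LOGGERS_URL sends captured API calls over plain HTTP");
  }

  // The page recommends "include debug" when trying the function the first time.
  if (/^\s*include\s+debug\s*$/m.test(env.USAGE_LOGGERS_RULES || "")) {
    warnings.push("USAGE_LOGGERS_RULES uses the debug rule set recommended for a first run");
  }

  // Optional byte limit for response bodies; must be a positive integer.
  let limit = DEFAULT_LIMIT;
  if (env.USAGE_LOGGERS_LIMIT !== undefined) {
    limit = /^\d+$/.test(env.USAGE_LOGGERS_LIMIT) ? Number(env.USAGE_LOGGERS_LIMIT) : NaN;
    if (!(limit > 0)) errors.push("USAGE_LOGGERS_LIMIT must be a positive integer");
  }

  return { enabled: errors.length === 0, limit, errors, warnings };
}

// Constructed sample: the first-run values quoted on this page.
console.log(checkLoggerEnv({
  EVENT_SOURCE: "softwareag",
  USAGE_LOGGERS_URL: "http://localhost:7701/message",
  USAGE_LOGGERS_RULES: "include debug",
}));
```

Run it against the values you plan to enter in the CloudFormation parameters or the Lambda console before deploying.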
Loggers always have an active set of rules that control what data is logged and how sensitive data is masked. All of the examples above apply a predefined set of rules (include debug), but logging rules are easily customized to meet the needs of any application.