IBM DataPower Operations Dashboard v1.0.15.0

A newer version of this product documentation is available.

You are viewing an older version. View latest at IBM DPOD Documentation.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 19 Next »

When used, a Syslog record will be sent to an external APM (or any other Syslog server) for each gateway transaction.

The Syslog record used is a JSON-formatted data object, containing information aggregated from several sources related to the transaction.

The feature requires DataPower FW 7.6+

Value to Customers

  • This feature allows customers to easily display gateway information on their APMs or log aggregators such as IBM APM, Splunk or ELK. This isolates the customer from changes to DataPower's log structure and saves the need to parse Syslog records.
  • Customers may link from the displayed transaction in their APM to DPOD's transaction details, in order to enhance troubleshooting efforts.
  • DPOD customers can use this feature to externalize DPOD information for data warehouse purposes.
  • DPOD customers can retain only the summarized transaction details instead of all log records. This will increase history retention time period and minimize storage requirements.

Transaction Record Structure

The following table describes the fields that are logged with this feature.

Field NameDescriptionPossible Values
deviceNameDataPower gateway nameString
domainNameDataPower domain name where the transaction was executedString
latencyElapsedThe elapsed time of the transaction in millisecondslong
microSecTimestampTimestamp format of the time the transaction startedString
microSecTimestampStartFor internal useString
microSecTimestampFinishFor internal useString
serviceTypeService type as defined in the gatewayString - mpgw,wsp,xml-firewall,b2bgw
serviceUriRequest URIString
serviceUrlRequest URLString
srcNodeNameThe name of the DPOD node that captured the transactionString
isErrorIndication whether the transaction completed with errorsBoolean true/false
isTechnicalErrorIndication whether the transaction completed with errorsBoolean  true/false
clientIpThe client IP of the machine (or load balancer) where the transaction started.String
serviceNameThe service the transaction ran on.String
transactionIdDataPower transaction ID (TID)String
transactionGlobalIdDataPower global transaction ID (GTID)26 chars long
timeZoneThe time zone used to log transaction startString format +ZZ:ZZ
docAddedTimeInMilFor internal uselong
timeInMilTransaction start time since Epoch in millisecondslong number
timeHHMMSSFull time of transaction start

String format HHMMSS where:

HH: 00-23
MM: 00-59
SS: 00-59

requestSizeThe request sizelong
aggRecordVersionEstimated FW version of the gateway that executed the transaction. (For internal use)String


JSON Example
{
  "_index": "[logical-tran-compact_i3][0]",
  "_type": "wdpLogicalTransChild",
  "_id": "ea5ae3c55b45be5500056a13_348659",
  "_timestamp": "2018-07-11T08:22:45.457Z",
  "_version": 5,
  "_operation": "INDEX",
  "_source": {
    "deviceName": "1cb3a54303a9",
    "domainName": "Infra_Domain",
    "latencyElapsed": 2,
    "microSecTimestamp": "2018-07-11T11:22:45.313729+03:00",
    "microSecTimestampStart": "2018-07-11T11:22:45.313729+03:00",
    "microSecTimestampFinish": "2018-07-11T11:22:45.315558+03:00",
    "serviceType": "xmlfirewall",
    "serviceUri": "/UpdateWantedMenProfiles_WHSW/Service.asmx",
    "serviceUrl": "http://Infra.HA:2555/UpdateWantedMenProfiles_WHSW/Service.asmx",
    "srcNodeName": "NODE0",
    "isError": false,
    "isTechnicalError": false,
    "clientIp": "172.77.77.5",
    "serviceName": "WSS_Loopback.XMLFW",
    "transactionId": "348659",
    "transactionGlobalId": "ea5ae3c55b45be5500056a13",
    "timeZone": "+03:00",
    "docAddedTimeInMil": 1531297365329,
    "timeHHMMSS": "11:22:45",
    "timeInMil": 1531297365313,
    "aggRecordVersion": "7.6.0.0+"
  }
}


Feature enablement

Perform the following steps to enable this feature

  1. Install and configure Store plugin.
  2. Configure each syslog agent.
  3. Deploy Event Publisher
  4. Stop and start all system services.

Plugin Configuration

  1. Configure each Store data node (for example: number 2 and 4) as follow:

    1. cd /app/elasticsearch_nodes/config/MonTier-es-raw-trans-Node-2 
    2. Edit the elasticsearch.yml file
  2. Uncomment the following parameter:

    ParameterValuesDescription
    events.publisher.plugin.disablefalse or trueenable or disable the plugin

Configure Syslog agent

For each syslog agent in the system perform the following:

  1. cd /app/flume/syslog_agents/conf/MonTier-SyslogAgent-nn/ (replace nn with the agent number)
  2. edit the flume_syslog.conf file
  3. Locate in each agent rows with pattern:  MonTier-SyslogAgent-nn.sinks.syslogElasticSinknnn.batchSize = (replace nnn with sink name 1 to 10. Also - replace nn with the agent number)
  4. Add below each of these rows the line below (substituting nn and nnn as described in step 3 above)
    MonTier-SyslogAgent-nn.sinks.syslogElasticSinknnn.serializer.enableLogicalTx = false
  • No labels