Audit Logging

Edit online

The audit logging feature of webMethods API Gateway provides audit information for different categories of system transactions, events, and occurrences of specific events (for example, login attempts) over a period of time. You can use audit logs to view a detailed record of various auditable events that occurred on the webMethods API Gateway objects, user login and logout operations, and identify the users who are responsible for the changes. You can configure which audit events to log for a specific destination based on your auditing requirements.

You can configure webMethods API Gateway to log the auditable events for following destinations:
  • webMethods API Gateway
  • Database
  • Elasticsearch

The following auditable events can be configured to write to the webMethods API Gateway audit logs:

  • API management events

    API management consists of the following events:

    • Creation, modification, and deletion of an API object.
    • Activation and deactivation of an API.
  • Approval management events

    Approval management consists of the following events:

    • Approval and rejection of a request to create, register, and modify an application.
    • Approval and rejection of a request to subscribe a package in API Portal.
  • Application management events

    Application management consists of the following events:

    • Creation, modification, and deletion of an Application object.
  • Alias management events

    Alias management consists of the following events:

    • Creation, modification, and deletion of an Alias object.
  • Team management events

    Team management consists of the following events:

    • Creation, modification, and deletion of teams.
  • Analytics management events

    Analytics management consists of the following events:

    • Archiving, purging, and restoring of analytics data in the database.
  • Group management events

    Group management consists of the following events:

    • Creation, modification, and deletion of a Group object.
  • Policy management

    Policy management consists of the following events:

    • Creation, modification, and deletion of a global Policy object.
    • Creation, modification, and deletion of an API level Policy object.
    • Activation and deactivation of a global policy.
    • Activation and deactivation of an API level policy.
  • Package management events

    Package management consists of the following events:

    • Creation, modification, and deletion of a Package object.
  • Plan management events

    Plan management consists of the following events:

    • Creation, modification, and deletion of a Plan object.
  • Promotion management events

    Promotion management consists of the following events:

    • Creation, modification, and deletion of a Stage object.
    • Promotion of an API stage.
    • Rollback operation of an API stage.
  • User management events

    User management consists of the following events:

    • A user logs in or fails to log in to webMethods API Gateway.
    • A user logs out of webMethods API Gateway.
    • Creation, modification, and deletion of a User object.

webMethods API Gateway writes the audit logging data to the Audit logs dashboard (in the webMethods API Gateway user interface, go to Analytics > Audit logs). You can view and download audit logs.

Best Practices for webMethods API Gateway Audit Logging

webMethods API Gateway audit logging feature is implemented on an event-driven approach. By default, the webMethods API Gateway destination is enabled to log the auditable events for all areas of management, such as APIs, policies, users, and so on. As a best practice, it is recommended to enable audit logging for the required management areas in other supported destinations: Database and Elasticsearch. This practice is especially important when you want to provide the audit log data to external sources for analytics and anomaly detections.