Header Image

Off Box Audit and Reporting

This is a simple off box auditing use case which uses the built-in audit policy capability along with some industry standard external tools to show a per-request audit policy, and report on trend analysis of front-end and back-end latency and bandwidth usage.

Most common deployment patterns for service oriented and cloud architecture implementation assume centralized gathering of logs and audits. With centralized auditing, data mining tools can be used to do trend analysis and service level agreement conformance checking. Layer 7 provides the ability to store audits and logs in multiple locations. One option supported by Layer 7 is storing audit data off the SOA gateway clusters in order to:

  • Reduced local disk load
  • Improved gateway performance
  • Consistency in data warehousing and management
  • Better customization in reporting
  • Reuse of existing BI, audit and analysis tools

This demonstration shows how to configure Off Box Auditing in the Layer 7 policy language. Policy assertions used in this tutorial include:

  • Latency recording for Service Level Agreement measurement and reporting.
  • Measurement of back end server response time, success, failures also for SLA reporting
  • Usage reporting on a service and aggregate service basis
  • API usage reporting

The tutorial employs the following products and versions

  • A Layer 7 SecureSpan cluster
    • This tutorial uses two gateways to highlight the role of egress auditing
  • LDAP server
    • The tutorial uses Open LDAP but any standards compliant LDAP could be used
  • Microsoft SQL Server Version is unimportant.
  • SAP Crystal Reports
    • Any reporting tool will work but this is a popular tool common in many enterprises.

The demo scenario is illustrated below where messages are passed between a set of services residing in the Amazon cloud (proxied by the SecureSpan Gateway AMI edition).

SecureSpan Off Box Audit Demo - Layer 7 Technologies

The demo Audit Policies composed in the SecureSpan Policy Manager look like this:

Demo Audit Policies - Layer 7 Technologies

The corresponding Audit Tables in SQL Server look like the following

  • The Audit table uses a customized view that converts the Unix time stamp in millisecond resolution that is our native time stamp format to an SQL Server style date column.
  • The table and the audit policy can be adapted to add more details to each of them to customize the solution to your needs.

Corresponding Audit Tables in SQL Server - Layer 7 Technologies

Crystal Reports is then used to connect to SQL Server and used to build a live report on the average latency and the sum of the message sizes within per-minute time ranges:

Crystal Reports is then used to connect to SQL Server - Layer 7 Technologies

Finally, here are some examples of the resultant graphs:

Average Latency Graph - Layer 7 Technologies

 

Bandwidth Uusage graph - Layer 7 Technologies