Configure FTP Audit Archiver

The FTP Audit Archiver is used to back up the audit logs on the via FTP to a specified host. The backups are stored as plain text files compressed into .ZIP archives with a name in the following format:
gateway91
The FTP Audit Archiver is used to back up the audit logs on the
API Gateway
via FTP to a specified host. The backups are stored as plain text files compressed into .ZIP archives with a name in the following format:
<
audit.archiver.ftp.fileprefix
> cluster property + <
date & time stamp
>.zip
When the audit records are successfully backed up, the archiver automatically deletes the records to save disk space.
Ensure that the FTP server receiving the archive is fast enough to accept the largest audit entry within the MySQL timeout period.
Once the FTP Audit Archiver is configured, it will automatically run as follows:
  • Each time the
    API Gateway
    is started
  • At a preset interval specified by the audit.ArchiverTimerPeriod  cluster property
The archiver can also be manually invoked using the "Start Archiver" command in the Gateway Audit Events. If the archiver is configured but you do not want it to run, you can disable it using its properties dialog.
 
In addition to the configuration described here, there are several cluster properties that can be used to further control the behavior of the archiver. For more information, see the Audit Archiver Cluster Properties.The FTP Audit Archiver is not supported when an embedded database is in use on the
API Gateway
.
 
To configure the FTP Audit Archiver
:
  1.  In the Policy Manager, select 
    [Tasks] > Logging and Auditing > Configure FTP Audit Archiver
     from the Main Menu (on the browser client, from the Manage menu). The FTP(S) Audit Archiver Properties appear. 
  2. Configure the properties as follows:
    Field
    Description
    Security
    Specify which form of security to use: 
    • FTP (unsecured): Information is submitted unencrypted.
    • FTPS with Explicit SSL: Information is encrypted using explicit SSL (RFC2228).  
    • FTPS with Implicit SSL: Information is encrypted using implicit SSL.
    • Verify server certificate: If encryption is used, select this check box to verify the server's certificate against the trust store in the
      API Gateway
      . For more information, see "Certificate Expiration Notification" under Manage Certificates.
    Host name
    Enter the hostname of the FTP server. This name is verified against the X.509 certificate.
    Port number
    Enter the port number to use. The default port number is 21.
    Directory
    Specify the name of the directory on the FTP server to place the audit archive.
    User name/Password
    Enter the login credentials if connecting a secure server.
    Timeout
    Specify the number of seconds to wait during FTP connection before the archiver times out.
    Enabled
    The archiver is enabled by default. Clear the check box to disable the archiver. When disabled, the archiver will not run when the
    API Gateway
    is started nor can it be manually run from the Gateway Audit Events window. Scheduled archives will not occur as well.
    If an archive is in progress when the archiver is disabled, the change will not take effect until the transfer is finished. To just cancel the automatically scheduled archives, set the cluster property audit.ArchiverTimerPeriod to "0" (zero) instead.
    Test Connection
    Click this button to test the settings. You should see a success message if the settings are correct.
  3. Click [
    OK
    ] when done.