Audit Messages in Policy Assertion
The Audit Messages in Policy assertion is used to enable auditing of messages within a policy. It records events pertaining to the processing of a policy—for example, assertion violations, authentication failures, routing errors, etc. You can view these events later in the Gateway Audit Events window.
Audit Messages in Policyassertion is used to enable auditing of messages within a policy. It records events pertaining to the processing of a policy—for example, assertion violations, authentication failures, routing errors, etc. You can view these events later in the Gateway Audit Events window.
For example, when used in an At least one assertion must evaluate to true assertion folder after an Evaluate Request XPath assertion, the Audit Messages in Policy assertion will execute and audit the request message only if the XPath assertion fails. When this happens, XPath query results are reported in the Gateway Audit Events window. If the XPath assertion in this scenario succeeds, then the Audit Messages in Policy assertion does not execute.
To learn more about the auditing process, including how the Audit Messages in Policy assertion interacts with the Add Audit Detail assertion and the various cluster properties, see About Message Auditing.
Using the Assertion
- Do one of the following:
- To add the assertion to the Policy Development window, see Add an Assertion.
- To change the configuration of an existing assertion, proceed to step 2 below.
- Right-clickAudit Messages in Policyin the policy window and chooseAudit Propertiesor double-click the assertion in the policy window. The assertion properties are displayed.
- Configure the properties as follows:SettingDescriptionRecord audit events at the following level beyond this pointThis setting changes the severity of the logged messages to either "Info" or "Warning". Whether the message is ultimately saved to the database depends on theaudit.messageThresholdcluster property .ChooseWARNINGto set the severity of all messages to "Warning". This will cause all messages to be logged, regardless of whether theaudit.messageThresholdcluster property is set to INFO or WARNING.ChooseINFOto set the severity of all messages to "Info". Whether the messages are then logged depends on theaudit.messageThresholdcluster property:
For a detailed description of the effects of the "trigger" threshold on auditing, see About Message Auditing.Save requestSave responseIndicate whether to save the code of the request or response:
- If the cluster property is set to INFO, all messages will be logged.
- If the cluster property is set to WARNING, no messages will be logged.
Saving the code for the request/response will allow you to view them later in the Event Details Pane of the Gateway Audit Events window.Special Note for Trace Policy:When the Audit Messages in Policy assertion appears in a debug trace policy, the "Always" and "Never" settings here willoverridethe equivalent settings in the target service policy. If there is no Audit Messages in Policy assertion in the service policy but one in the trace policy and it is set to "Always", then the code will be saved.Recording all message events or saving request/response code will increase the size of your log substantially.
- Always:Save the code.
- Never:Do not save the code.
- No change:If used in a service policy, this is the same as 'Never'. If used in a debug trace policy, this setting will preserve the setting of any Audit Messages in Policy assertion in the service policy (if no such assertion appears in the service policy, then the code is not saved).
- Click [OK] when done.