| NGINX Documentation

End of Sale Notice:

F5 NGINX is announcing the End of Sale (EoS) for NGINX Management Suite API Connectivity Manager Module, effective January 1, 2024.

F5 maintains generous lifecycle policies that allow customers to continue support and receive product updates. Existing API Connectivity Manager Module customers can continue to use the product past the EoS date. License renewals are not available after September 30, 2024.

See our End of Sale announcement for more details.

As an Infrastructure Administrator, use this guide to implement a standard log format for all environments hosting APIs.

Overview

In API Connectivity Manager, you can apply global policies to API Gateways and Developer Portals to ensure your organization’s security requirements are enforced.

When you add policies at the environment level, they will apply to all proxies hosted within that environment.

See the Learn about Policies topic for an overview of the different policy types and available policies.

About the Policy

The Log Format policy enables Infrastructure Admins to set the format for access logs. Detailed access logs are generated in either JSON (default) or Syslog format and are applied to new environments automatically. This policy can be customized to filter log content, adjust log severity levels, and designate log destinations.

Intended Audience

This guide is meant for Infrastructure Administrators.

Infrastructure Administrators ensure uniform governance across an organization’s infrastructure by setting policies at the infrastructure level, enabling teams to build APIs without interruption while adhering to the organization’s standards.

Workflow for Applying Policy

To apply the policy or make changes to it, here’s what you need to do:

Edit an existing environment or create a new one.
Check the advanced settings for the environment to see if the policy has been applied.
Edit the policy to make changes for each environment. Save and publish the changes.

Policy Settings

The following table lists the configurable settings and their default values for the policy.

Field	Type	Possible Values	Description	Required	Default value
`type`	string	One of: `[JSON,` `NATIVE]`	The access logs can be created in either JSON or native NGINX log format (Syslog).	Yes	`JSON`
`logFormat.include`	string/enum	One or more of: `["BASIC",` `"INGRESS",` `"BACKEND",` `"RESPONSE"]`	Specifies what information should be logged.	No	`["BASIC",` `"INGRESS",` `"BACKEND",` `"RESPONSE"]`
`logFormat.variables`	string/enum	`List of values`	Only variables included in this array will be logged; everything else will be hidden.	No	`Empty list []`
`errorLogSeverity`	string	One of: `[DEBUG,` `INFO,` `NOTICE,` `WARN,` `ERROR,` `CRIT,` `ALERT,` `EMERG]`	The minimum severity level of errors that will be logged.	No	`WARN`
`logDestination.type`	string/enum	One of: `["FILE",` `"SYSLOG"]`	The destination for the log output, either a file or syslog.	Yes	`FILE`
`logDestination.` `accessLogFileLocation`	string	`/var/log/nginx`	The directory in which the access log file will be saved. The directory can be any valid UNIX filepath, with relative paths being relative to the default NGINX configuration directory (`/etc/nginx/`).	Yes	`/var/log/nginx`
`logDestination.` `errorLogFileLocation`	string	`/var/log/nginx`	The directory in which the error log file will be saved. This directory can be any valid UNIX filepath, with relative paths being relative to the default NGINX configuration directory (`/etc/nginx/`).	No	`/var/log/nginx`
`enablePrettyPrint`	boolean	`true`, `false`	This setting adds whitespace and indentation to make JSON logs more easily readable for humans. This setting is applicable only when the `type` is set to `JSON`.	No	`false`

Applying the Policy

In API Connectivity Manager, when an Infrastructure Administrator creates an environment, the following log format policy is applied by default:

Logs are in JSON format
Logs are written to file
Logs are saved to /var/log/nginx

If these default options don’t meet your requirements, you can customize the policy to suit your specific needs. Refer to the Policy Settings section for the configurable options.

See Also:
You can use tools such as curl or Postman to interact with the API Connectivity Manager REST API. The API URL follows the format https://<NMS_FQDN>/api/acm/<API_VERSION> and must include authentication information with each call. For more information about authentication options, please refer to the API Overview.

To add the Log Format policy using the REST API, send an HTTP POST request to the Environments endpoint.

Method	Endpoint
`POST`	`/infrastructure/workspaces/{workspace}/environments/{environment}`

JSON request

{
  "policies": {
    "log-format": [
      {
        "action": {
          "enablePrettyPrint": false,
          "errorLogSeverity": "WARN",
          "logDestination": {
            "type": "FILE",
            "accessLogFileLocation": "/var/log/nginx/",
            "errorLogFileLocation": "/var/log/nginx/"
          },
          "logFormat": {
            "include": [
              "BASIC",
              "INGRESS",
              "BACKEND",
              "RESPONSE"
            ],
            "variables": []
          },
          "type": "JSON"
        }
      }
    ]
  }
}

This JSON example defines the log format policy for an environment: the error log severity level is set to WARN; the log file location is /var/log/nginx/; and the log format includes BASIC, INGRESS, BACKEND, and RESPONSE information without any variables specified to limit what is logged. The pretty print feature is disabled, and the log type is set to JSON.

To add the Log Format policy using the web interface:

In a web browser, go to the FQDN for your NGINX Management Suite host and log in. Then, from the Launchpad menu, select API Connectivity Manager.
On the left menu, select Infrastructure.
On the Workspaces page, select a workspace in the list to which you’ll add an environment.
Select Add to add the environment.
On the Create Environment form, complete the necessary fields:
- Name: Enter a name for the environment.
- Description: Describe the environment in a few words.
- Type: Select whether this is a production environment or not.
- API Gateways: Enter the API Gateway’s name and hostname.
Select Create.
On the Environment Created confirmation page, select Go to <environment name>.
In the API Gateways list, select the Actions menu (represented by an ellipsis, ...). Then select Edit Advanced Config.
On the left menu, select Global Policies.
In the list of Global Policies, the Log Format policy should be enabled by default. To edit the policy, select the ellipsis icon (...), then select Edit Policy.
Customize the policy settings to suit your requirements. Refer to the Policy Settings section for an overview of the available options and their possible configurations.
Select Save to save the changes.
Select Save and Submit to publish the policy changes to the environment.