By using AWS re:Post, you agree to the AWS re:Post Terms of Use

Custom access logging - cherry-pick resources

0

Hi, I am using Custom access logging in REST API Gateway to ingest Cloud Watch Log Group with records. I got many resource under my api but I don't want to track all of them but rather do some cherry-pick.

Example: Record A

{
    "requestId": "fsafdsfds-1de0-4ed8-ddsa-dasdsad",
    "resourcePath": "/api/path1/{proxy+}"
}

Record B

{
    "requestId": "fsafdsfds-1de0-4ed8-ddsa-asada",
    "resourcePath": "/api/path2/{proxy+}"
}

As a result I would like to persist in LogGroup only records that comes from resourcePath of:

/api/path1/{proxy+}

What would be best approach to achieve it? Thanks for helping!

2 Answers
2

To achieve custom access logging for specific resources in your REST API Gateway, you can use a combination of API Gateway's access logging features and CloudWatch Logs filtering. Here's the best approach to accomplish this:

  1. Set up access logging for your API Gateway stage:

    • In the API Gateway console, navigate to your API and select the stage you want to configure.
    • Enable access logging and specify the CloudWatch log group where you want to store the logs.
    • Configure the log format to include the information you need, such as the requestId and resourcePath.
  2. Use a custom log format that includes the resourcePath:

    • In the access log settings, specify a format string that includes the $context.resourcePath variable.
    • For example: '{ "requestId": "$context.requestId", "resourcePath": "$context.resourcePath" }'
  3. Create a CloudWatch Logs metric filter:

    • In the CloudWatch console, go to the log group you specified for API Gateway access logs.
    • Create a metric filter that matches the specific resourcePath you want to track.
    • The filter pattern could be something like: { $.resourcePath = "/api/path1/{proxy+}" }
  4. Use CloudWatch Logs Insights to query filtered logs:

    • In the CloudWatch console, use Logs Insights to query your log group.
    • Write a query that filters for your specific resourcePath.
    • For example: fields @timestamp, @message | filter resourcePath = "/api/path1/{proxy+}" | sort @timestamp desc

This approach allows you to log all API requests but gives you the flexibility to filter and analyze only the specific resources you're interested in. The metric filter will help you track and alert on the specific path, while Logs Insights queries let you view and analyze the filtered logs as needed.

Remember that this method still ingests all logs into CloudWatch, but provides efficient ways to focus on the specific resources you want to track.
Sources
Set up CloudWatch logging for REST APIs in API Gateway - Amazon API Gateway
Working with log groups and log streams - Amazon CloudWatch Logs
AccessLogSettings - Amazon API Gateway

profile picture
answered a month ago
profile picture
EXPERT
reviewed a month ago
  • Thanks AI, I don't want to ingest all logs into CloudWatch.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions