To achieve custom access logging for specific resources in your REST API Gateway, you can use a combination of API Gateway's access logging features and CloudWatch Logs filtering. Here's the best approach to accomplish this:
1. Set up access logging for your API Gateway stage:
   - In the API Gateway console, navigate to your API and select the stage you want to configure.
   - Enable access logging and specify the CloudWatch log group where you want to store the logs.
   - Configure the log format to include the information you need, such as the requestId and resourcePath.
2. Use a custom log format that includes the resourcePath:
   - In the access log settings, specify a format string that includes the $context.resourcePath variable.
   - For example: '{ "requestId": "$context.requestId", "resourcePath": "$context.resourcePath" }'
3. Create a CloudWatch Logs metric filter:
   - In the CloudWatch console, go to the log group you specified for API Gateway access logs.
   - Create a metric filter that matches the specific resourcePath you want to track.
   - The filter pattern could be something like: { $.resourcePath = "/api/path1/{proxy+}" }
4. Use CloudWatch Logs Insights to query filtered logs:
   - In the CloudWatch console, use Logs Insights to query your log group.
   - Write a query that filters for your specific resourcePath.
   - For example: fields @timestamp, @message | filter resourcePath = "/api/path1/{proxy+}" | sort @timestamp desc
This approach allows you to log all API requests but gives you the flexibility to filter and analyze only the specific resources you're interested in. The metric filter will help you track and alert on the specific path, while Logs Insights queries let you view and analyze the filtered logs as needed.
Remember that this method still ingests all logs into CloudWatch, but provides efficient ways to focus on the specific resources you want to track.
Sources
Set up CloudWatch logging for REST APIs in API Gateway - Amazon API Gateway
Working with log groups and log streams - Amazon CloudWatch Logs
AccessLogSettings - Amazon API Gateway
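The console steps in the answer above, scripted with boto3 as an added example (not part of the original answer or of AWS documentation). The API ID, stage, log group, account number, filter name, and metric names are placeholder assumptions; only the log format and the resourcePath pattern come from the answer.

```python
import json

# Assumed placeholder values; substitute your own API, stage and log group.
REST_API_ID = "abc123placeholder"
STAGE = "prod"
LOG_GROUP = "/apigw/access-logs-placeholder"
LOG_GROUP_ARN = "arn:aws:logs:us-east-1:111122223333:log-group:" + LOG_GROUP
RESOURCE_PATH = "/api/path1/{proxy+}"  # path used in the answer


def access_log_format():
    """Single-line JSON format with the two $context variables from the answer."""
    return json.dumps({"requestId": "$context.requestId",
                       "resourcePath": "$context.resourcePath"})


def stage_patch_operations(log_group_arn):
    """Patch operations for apigateway.update_stage that enable access logging."""
    return [
        {"op": "replace", "path": "/accessLogSettings/destinationArn",
         "value": log_group_arn},
        {"op": "replace", "path": "/accessLogSettings/format",
         "value": access_log_format()},
    ]


def metric_filter_params(log_group, resource_path):
    """Keyword arguments for logs.put_metric_filter matching one resourcePath."""
    return {
        "logGroupName": log_group,
        "filterName": "path1-requests",              # hypothetical name
        "filterPattern": '{ $.resourcePath = "%s" }' % resource_path,
        "metricTransformations": [{
            "metricName": "Path1RequestCount",       # hypothetical name
            "metricNamespace": "Custom/ApiGateway",  # hypothetical namespace
            "metricValue": "1",                      # count one per matching log event
        }],
    }


def apply():
    """Send both calls to AWS; needs boto3, credentials and a default region."""
    import boto3  # imported here so the builders above work without it
    boto3.client("apigateway").update_stage(
        restApiId=REST_API_ID, stageName=STAGE,
        patchOperations=stage_patch_operations(LOG_GROUP_ARN))
    boto3.client("logs").put_metric_filter(
        **metric_filter_params(LOG_GROUP, RESOURCE_PATH))


if __name__ == "__main__":
    apply()
```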
Hi GGSP,
The recommended way to cherry-pick the CW logs that you want to focus on for analysis is CloudWatch Logs Insights.
See https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AnalyzingLogData.html for all details
Some examples at:
- https://medium.com/@drosenstark/using-cloudwatch-logs-insights-to-monitor-your-api-gateway-abc5ceef07e8
- https://gist.github.com/bskim45/9516a54e0fa7ddc861504aa0f785ec6d
- https://medium.com/xmglobal/how-to-use-cloudwatch-queries-to-investigate-an-aws-api-gateway-attack-5d4c24ee0169
Best,
Didier
Thanks AI, I don't want to ingest all logs into CloudWatch.