2

For tracing of AWS apigateway requests, I am using x-ray . One of the requirements is to trace every request (incoming in gateway, authorizer execution, backend endpoint) and store it in a defined log format. Is there any efficient way to trace requests to AWS API gateway.

Ramya Karuna
  • 61
  • 2
  • 5

2 Answers2

3

It seems you are already using AWS X-Ray. By default X-Ray SDK samples requests in order to keep costs for tracing under control for customers. Since it is a tracing solution, a sample of requests is usually sufficient to find general trends, customer impact, failure rates, root causes for ongoing latency / faults / errors.

In your question you mention you want to trace "every" trace. With API Gateway (and also with daemon running on EC2 instances) you have the ability to control the sampling rate using the X-Ray console. This means you have a centralized place to say that you want to have 25% sampling on /orders' URL while you want 100% sampling on/login` URL.

You can configure sampling rates using the X-Ray console as described here: https://docs.aws.amazon.com/xray/latest/devguide/xray-console-sampling.html

More information on Sampling Rules for X-Ray is available here: https://aws.amazon.com/blogs/aws/apigateway-xray/

Controlling sampling with APIs: https://docs.aws.amazon.com/xray/latest/devguide/xray-api-sampling.html

You may use 100% sampling or a big enough reservoir to trace "almost every" request.

Pedantic Disclaimer follows

Keep in mind, AWS X-Ray is a distributed tracing solution and is not an auditing solution. As mentioned in the X-Ray FAQ, "X-Ray should not be used as an audit or compliance tool because it does not guarantee data completeness.".

Rohit Banga
  • 18,458
  • 31
  • 113
  • 191
0

First of all X-ray is a good approach for this. If you would like further details, you can enable CloudWatch logs or full request/response data logging in API Gateway. These logs can be easily analysed with CloudWatch Insights.

You can find these options in the API Gateway Console > Your API > Stages > Your stage > Logs/Tracing.

In the logs, you can see the following:

  • Endpoint request URI, headers, body after transformations
  • Authorizer result body before parsing
  • Method request path, headers, body before transformations
  • Endpoint response headers, body before transformations
  • Method response headers, body after transformations
adrian-mezei
  • 59
  • 3