15

I've enabled Access Logging to CloudWatch for my API in AWS API Gateway and that works fine. However, it will only log the path section of the URL and not my query string parameters.

My log format looks like this:

[$context.requestTime] ($context.status) "$context.httpMethod $context.path $context.requestId

Let's say, I call my API like this:

GET http://my.server.com/details?id=123

The corresponding access log line will look like this:

[19/Jun/2018:06:09:27 +0000] (200) "GET /details 5229a43c-7387-11e8-xxxx-xxxxxxxx

I need the id=123 as well, but I can't figure out how to access it. The documentation suggest using $input.params('id'), but that will always return -.

Improve this question
7
  • Does $input.params() return anything in your case? Commented Jun 19, 2018 at 7:03
  • 3
    Same, $input.params() also returns -. I tried all variations of it that I found. Commented Jun 19, 2018 at 7:20
  • Are you trying to invoke in console or with aws cli? There were some issues with params if you run it from console. Commented Jun 19, 2018 at 9:11
  • I'm setting this in the AWS Console. It's saving correctly, no error messages. Commented Jun 20, 2018 at 0:41
  • 2
    it seems there is no support for $input variables for custom access logging. forums.aws.amazon.com/thread.jspa?messageID=860814&tstart=0 Commented Aug 22, 2018 at 7:50

2 Answers 2

Reset to default
5

Only $context variables are supported, not $input, etc. AWS Ref: Have you seen https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html?

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

I have not been able to figure out a way to log the query string other than to integrate it within my Lambda Authorizer. This is a code snippet. You then reference the query string in the access log format definition as "queryString": "$context.authorizer.queryString"

def lambda_handler(event, context):
    queryStringParameters = event["queryStringParameters"]
    queryString = urlencode(queryStringParameters)
    authResponse = {
        "principalId": "",
        "policyDocument": {
            "Version": "",
            "Statement": []
        }
    }
    
    authResponse["principalId"] = "user|a1b2c3d4"
    authResponse["policyDocument"]["Version"] = "2012-10-17"
    authResponse["policyDocument"]["Statement"] = []
    statementOne = {
        "Action": "execute-api:Invoke",
        "Effect": effect,
        "Resource": methodArn
    }
    authResponse["policyDocument"]["Statement"].append(statementOne)
    context = {
        'queryString': queryString
    }
    authResponse['context'] = context
    return authResponse
Improve this answer

1 Comment

That's unusable, because authorizer response is cached. I.e. you will get old queryString.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.