03-24-2023 10:58 AM
I am using the Github project crosszoneha to provide active/standby failover for 2 firewalls in AWS. The issue I am having is I can't send an HTTP post to the API Gateway using the filtered Systems logs. No requests make it out to the API gateway even though I have attached an email profile that is sending out email when the system log filtered conditions are met. I can do a Send Test Log, and that completes successfully. We see that request come in to API Gateway and Cloudwatch. We are running all the defaults for the HTTP (payload, parameters, etc..). All the security groups between the API Gateway and the Palos are wide open (we can ping the API GW from the Palo's mgmt port). What could possibly cause the HTTP Post to work fine during the Send Test Log, but not when the System log filter matches?
08-02-2023 11:52 PM
Hello , @famato I Read about your question and your problem is "Sending HTTP post to API Getaway " Let me explain you in this think you should try this key points :
There could be several reasons for this behavior, and troubleshooting can be complex. Let's explore some possible causes and steps to investigate the issue:
erify that the log format and payload being sent during the System log filter matches are correct and compatible with the API Gateway's expected format. Check if there are any differences between the test log payload and the filtered log payload.
Double-check that the endpoint URL used in the System log filter matches configuration is correct and points to the API Gateway's correct resource and method.
Ensure that the API Gateway has the necessary resources, methods, and integrations configured to handle the incoming HTTP requests from the System log filter.
Review the API Gateway's access control settings, such as API Key or IAM permissions, to ensure that the HTTP requests from the System log filter are authorized to invoke the API.
Check the CloudWatch logs for any error messages or indications of issues when the System log filter matches. Look for relevant logs related to the API Gateway integration and HTTP request processing.
If your crosszoneha project is running in a different AWS account than the API Gateway, make sure that there are appropriate cross-account access permissions set up for invoking the API Gateway.
If your API Gateway is integrated with VPC resources, verify that the necessary VPC endpoints and route configurations are in place to enable communication between the API Gateway and the Palos.
If the issue persists and you cannot identify the root cause, consider reaching out to AWS Support for assistance. They can help analyze the specific configuration and troubleshoot the issue more deeply.
Remember to take appropriate security measures when investigating and resolving issues related to API Gateway communication to avoid exposing sensitive information or compromising the security of your system.
I hope you like my answer in this i try my best.
Thank You,
Best Regards,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
