How to setup Astra Traffic Monitoring with AWS API Gateway

Last updated: August 14, 2025

Overview

This integration is supported for the following type of AWS API Gateway:

  • REST API Gateway

  • HTTP API Gateway

AWS supports detailed tracing only for REST API Gateway and not for HTTP API Gateway. This means that limited information like URL Path, Status code, Domain and Protocol can be observed for HTTP API Gateway. Request/Response headers and body which can only be observed with detailed tracing can't be observed for HTTP API Gateway.

Astra AWS APIGW integration

Illustration: High-level integration flow between AWS API gateway, Astra Log Parser and Astra Traffic Collector

Prerequisites

  1. Astra Traffic Collector is available and reachable.

    📄 How to setup Astra Traffic Collector in Linux

  2. AWS API Gateway sensor is created and you have the sensorID handy

    📄 How to Create Sensor Integration for API Observability

  3. Access Logging and detailed tracing are enabled in AWS API Gateway

    📄 How to setup AWS API Gateway Access Logging for Traffic Monitoring

  4. An EC2 or equivalent Virtual Machine (VM) with minimal hardware configuration to run Astra Log Parser

    Note that this VM should be provisioned in the same VPC where Astra Traffic Collector is running

Quick Installation

Step 1: Create a directory for the Astra Log Parser

Create a folder called as logs and assign user role for volume mounting. This folder will have the logs of Astra Log Parser application

mkdir -p /opt/astra-log-parser/logs && chown -R 10001:10001 /opt/astra-log-parser/logs && cd /opt/astra-log-parser

Step 2: Create docker-compose.yaml file as a manifest for Astra Log Parser container

version: '3.3'
services:
  astra-log-parser:
    image: getastra/log-parser
    container_name: astra-log-parser
    volumes:
      - /opt/astra-log-parser/logs:/astra/logs
    network_mode: host
    env_file:
      - astra.env
    restart: always

Step 3: Create astra.env file

This file will have the secrets and configuration

Variable

Description

Example value

SENSOR_ID

IntegrationID created when AWS API Gateway integration is created in Astra Dashboard

mySensorID

OTLP_ENDPOINT

Host:Port of Astra Traffic Collector, You can also give IPAddress:Post of Astra Traffic Collector.
Do not give https:// prefix.

localhost:4317

AWS_ACCESS_KEY_ID

AWS Access Key ID for Astra Log Parser to access Cloudwatch Log group via SDK

AWSAccessKeyID

AWS_SECRET_ACCESS_KEY

Secret Key for Astra Log Parser to access Cloudwatch Log group via SDK

AWSSecretKey

AWS_REGION

AWS Region of Cloudwatch Log group for Astra Log Parser to access Cloudwatch Log group via SDK

AWSRegion

LOG_GROUP_NAME

Log Group Name for Astra Log Parser to access Cloudwatch Log group via SDK

AWSCloudWatchLogGroupName

SENSOR_ID=mySensorID
OTLP_ENDPOINT=localhost:4317
AWS_ACCESS_KEY_ID=AWSAccessKeyID
AWS_SECRET_ACCESS_KEY=AWSSecretKey
AWS_REGION=AWSRegion
LOG_GROUP_NAME=AWSCloudWatchLogGroupName

Step 4: Create Linux Service File For Astra Log Parser

Create Linux service file at /etc/systemd/system/astra-log-parser.service and copy paste the following service file

[Unit]
Description=Start Astra Log Parser
After=docker.service
Requires=docker.service

[Service]
Type=simple
ExecStart=/bin/bash -c "docker compose -f /opt/astra-log-parser/docker-compose.yaml up"
ExecStop=/bin/bash -c "docker compose -f /opt/astra-log-parser/docker-compose.yaml down"
Restart=always

[Install]
WantedBy=multi-user.target

Step 5: Manage the service by using systemctl

# Enable the service to start on boot
sudo systemctl enable astra-log-parser

# Manage the service
sudo systemctl start astra-log-parser

# To restart the service
sudo systemctl restart astra-log-parser

# To check the status of service
sudo systemctl status astra-log-parser

Upgrade

To upgrade the Astra Log Parser to latest image

Execute the following commands to stop, upgrade and then start the service

systemctl stop astra-log-parser
cd /opt/astra-log-parser/
docker-compose pull
systemctl start astra-log-parser

Troubleshooting

1. I do not see my astra-log-parser running

Symptoms

  • Error seen when systemctl status astra-log-parser is executed

  • Following or similar error seen when docker logs astra-log-parser is executed

astra-log-parser   | Error parsing UUID SENSOR_ID: invalid UUID length: 0
astra-log-parser   | LOG_GROUP_NAME empty
astra-log-parser   | AWS_ACCESS_KEY_ID empty
astra-log-parser   | AWS_SECRET_ACCESS_KEY empty
astra-log-parser   | AWS_REGION empty

Cause

  • lack of required env variables

Solution

  • Edit /opt/astra-log-parser/astra.env and update it with right information.

  • Restart astra-log-parser

    sudo systemctl stop astra-log-parser
sudo systemctl start astra-log-parser

2. Unable to see entries in inventory

Symptoms

  • No entries in inventory OR inventory not getting updated

  • No error in astra-log-parser or astra-traffic-collector log

Cause

  • Unregistered hostname

Solution

  • Double check if the hostname falls under Scope URI of Target

FAQ (Frequently Asked Questions)

1. Can I see what trace are sent from my environment?

Yes, one can see the traces sent by traffic-collector by inspecting docker logs.

📄 Verifying Traces in Astra Traffic Collector