API Gateway not forwarding all access logs to Cloudwatch

Question

I've setup access logging for API Gateway with a CloudWatch log group as destination. While testing this feature it seems that not all logs are captured/forwarded to CloudWatch.  
  
eg. an "HTTP 413 Request Entity Too Large" is not visible in the CloudWatch logs. I would assume that this is also part of access logs?   
  
What kind of logs should appear in the access logs? (HTTP 2xx, 4xx, 5xx...)

Answer

Hello:  
  
Unfortunately it is not documented today, but our documentation team has been notified to add this in the next update to the docs.  
  
Apologies for the inconvenience.  
  
Regards,  
Bob

Answer

Hi Bob,   
  
Thanks for your answer. Is this documented somewhere?   
  
Regards,  
Gert-jan

Answer

Hello:  
  
All requests (with a few exceptions, like the 413 you noted) **should** generate access logs. The requests that may not be logged are requests that failed before the service read the request or the service was unable to determine where to send logs:  
  
* Most 413 requests (there is a window where a 413 will generate a log message, but it's very small)  
** Some 429 requests (only if you go **well* over your account level limits)  
* 4XX errors sent to a custom domain basepath that has no API mapping  
* Some 5XX errors (due to internal failures)  
  
FWIW, many of these cases will also not generate metrics for the same reason.  
  
Apologies for the confusion. I hope this helps.  
  
Regards,  
Bob

API Gateway not forwarding all access logs to Cloudwatch

Contenus pertinents