Log Types: NetscalerLog
- Leigh Purdie (Unlicensed)
Overview
Citrix Netscaler devices provide application delivery controller functionality (ADC), including load balancing, access controls, and application proxying.
Collection
The Snare Central server can receive events from Netgear routers via syslog.
Sample Events
172.16.1.165 05/05/2017:13:46:36 GMT regis 0-PPE-0 : default TCP CONN_DELINK 3771 0 : User Fred ClientIP 1.2.3.4 Source 10.168.3.61:54426 - Vserver 172.16.1.165:443 - NatIP
Fields
Field | Description |
|---|---|
DATE | Event date, in the format YYYY-MM-DD |
TIME | Event time, in the format HH:MM:SS |
SYSTEM | The source system |
TABLE | NetScalerLog |
CRITICALITY | Syslog facility/criticality number |
SOURCE | Source (if supplied) |
EVENTID | Â |
USER | User (if supplied) |
CLIENTIP | Client IP address |
EVENTCOUNT | Â |
EVENT | Any remaining data supplied by the Netscaler device |
Notes
Inconsistencies in the data format supplied by NetScaler devices MAY mean that the EVENTCOUNT field contain protocol information.
Â