Citrix Systems CITRIX NETSCALER 9.3 manual Configuring an AppFlow Action

Page 172

Chapter 7	AppFlow

To remove a collector by using the NetScaler command line

At the NetScaler command prompt, type:

rm appflowCollector <name>

Parameters for specifying a collector

name

Name of the collector to which to export data. Maximum characters: 255.

ipaddress

The IPv4 address of the collector.

port

The UDP port on which the collector is listening. Default port: 4739.

To specify a collector by using the configuration utility

1.In the navigation pane, expand AppFlow, and then click Collectors.

2.In the details pane, click Add.

3.In the Create AppFlow Collector dialog box, specify values for the following parameters, which correspond to parameters described in "Parameters for specifying a collector" as shown:

•Name*—name (cannot be changed for an existing collector)

•IP Address*—ipaddress (cannot be changed for an existing collector)

•Port—port (cannot be changed for an existing collector)

*A required parameter

4.To remove a collector from the list, select the collector, and then click Remove.

5.Click Create, and then click Close.

Configuring an AppFlow Action

An Appflow action is a set collectors, to which the flow records are sent if the associated Apflow policy matches.

To configure an AppFlow action by using the NetScaler command line

At the NetScaler command prompt, type the following commands to configure an Appflow action and verify the configuration:

wadd appflow action <name> --collectors <string> ... [-comment <string>]

wshow appflow action

172

Image 172

Contents Citrix NetScaler Administration Guide Copyright and Trademark Notice Page Page Contents Snmp Vii Audit Logging Web Server Logging 105 Advanced Configurations Contents Web Interface AppFlow Reporting Tool Contents Xvi This Preface Formatting Conventions for NetScaler DocumentationFormatting Conventions Meaning Boldface Convention Documentation Available on the NetScaler ApplianceTo view the documentation NetScaler Documentation Feedback Getting Service and SupportTo provide feedback at the Knowledge Center home Preface Authentication and Authorization TopicsConfiguring User Accounts Configuring Users and GroupsShow system user Example Parameters for configuring a user account Password PasswordTimeout CLI Idle Session Timeout Secs UserName User NameTo create a user group by using the NetScaler command line Configuring User GroupsShow system group Example Show system group groupName Example Parameters for configuring a user group Show system group groupNameGroupName Group Name UserNameBuilt-in Command Policies Configuring Command PoliciesCLI Prompt CLI Idle Session Timeout Secs Creating Custom Command Policies Built-in Command Policies Policy name AllowsExcept show runningconfig, show Runningconfig, and sh gslbMatches these commands Command specification regular expressionParameters for configuring a command policy Sh system cmdPolicy ExamplePolicyname ActionBinding Command Policies to Users and Groups Parameters for binding a command policy to a user Sh system user userName ExampleSh system user userName PriorityParameters for binding a command policy to a group Sh system group groupName ExampleSh system group groupName GroupNameResetting the Default Administrator nsroot Password To reset the nsroot passwordExample of a User Scenario Fsck /dev/ad0s1a Mount /dev/ad0s1a /flashConfiguration steps Sample Values for Creating Entities FieldConfiguring External User Authentication Configuring Ldap Authentication Examples of Bind Distinguished Name Ldap server Examples of Base Distinguished Name Ldap server Base DNBind DN Authentication Type, select LDAP. Next to Server, click New Determining attributes in the Ldap directory Choosing Radius authentication protocols Configuring Radius AuthenticationAuthentication Type, select Radius Configuring IP address extraction Configuring NT4 Authentication Configuring TACACS+ AuthenticationAuthentication Type, select Tacacs Authentication Type, select NT4 Authentication and Authorization Snmp Importing MIB Files to the Snmp Manager and Trap Listener Enabling or Disabling an Snmp Alarm Enable snmp alarm alarm name Sh snmp alarm alarm nameConfiguring Alarms To configure an Snmp alarm by using the command lineParameters for configuring Snmp alarms SeverityTo configure Snmp alarms by using the configuration utility Configuring TrapsTo add an Snmp trap by using the NetScaler command line Parameters for configuring Snmp traps To configure Snmp Traps by using the configuration utilityEnabling Unconditional Snmp Trap Logging Configuring the NetScaler for Snmp v1 and v2 Queries Specifying an Snmp ManagerParameters for unconditional Snmp trap logging SnmpTrapLogging Snmp Trap LoggingTo add an Snmp manager by using the NetScaler command line Show snmp managerParameters for configuring an Snmp manager IPAddressTo add an Snmp manager by using the configuration utility Parameters for configuring an Snmp community string Specifying an Snmp CommunitySh snmp community PermissionsConfiguring an Snmp Alarm for Throughput or PPS Configuring Snmp Alarms for Rate LimitingCommunity String*-communityName Show snmp alarm PF-RL-RATE-THRESHOLD Show snmp alarm PF-RL-PPS-THRESHOLD ThresholdValueNormalValue StateConfiguring Snmp Alarm for Dropped Packets Alarm Threshold-thresholdValue Normal Threshold-normalValueConfiguring the NetScaler for SNMPv3 Queries Parameters for configuring an Snmp alarm for dropped packetsSetting the Engine ID Configuring a View To set the engine ID by using the NetScaler command lineParameters for setting the engine ID To set the engine ID by using configuration utilityParameters for configuring an Snmp view Configuring a GroupTo add an Snmp group by using the NetScaler command line Configuring a User Parameters for configuring an Snmp groupTo configure a user by using the NetScaler command line SecurityLevelParameters for configuring an Snmp user Citrix NetScaler Administration Guide Snmp Audit Logging Audit Logging Configuring Audit Servers Configuring the NetScaler Appliance for Audit LoggingShow audit syslogAction name Parameters for configuring auditing servers Show audit nslogAction nameServerIP ServerPortLog levels defined To configure an auditing server action Configuring Audit PoliciesTo configure a Syslog policy by using the command line Parameters for configuring audit policies To configure an Nslog policy by using the command lineRule To configure an audit server policy Binding the Audit Policies GloballyParameters for binding the audit policies globally Name* name Server* actionConfiguring Policy-Based Logging Configuring an Audit Message ActionTo globally bind the audit policy Pre RequisitesStringBuilderExpr BypassSafetyCheckLogtoNewnslog Installing and Configuring the Nslog Server Binding Audit Message Action to a PolicySupported Platforms for the Nslog Server Operating system Installing Nslog Server on the Linux Operating SystemSoftware requirements Installing Nslog Server on the FreeBSD Operating System Pkginfo grep NSaudserver Pkgdelete NSaudserverTo install Nslog server on a Windows operating system On the system, where you have downloaded the Nslog packageNslog Server Command Options To uninstall the Nslog server on a Windows operating systemAudserver -remove Audserver -stopTo add the IP addresses of the NetScaler appliance Audserver -remove SpecifiesRunning the Nslog Server Verifying the Nslog Server Configuration FileTo start audit server logging Creating Filters Customizing Logging on the Nslog ServerTo create a filter Specifying Log Properties Default Settings for the Log Properties Sample Configuration File audit.conf Following is a sample configuration fileWeb Server Logging Configuring the NetScaler Appliance for Web Server Logging Enabling or Disabling Web Server LoggingModifying the Default Buffer Size Parameter for modifying the buffer sizeSh weblogparam Example Buffer SizeTo modify the buffer size by using the configuration utility Supported Platforms for the Nswl Client Operating systemHardware requirements Installing Nswl Client on a Solaris Operating SystemCp pathtocd/Utilities/weblog/Solaris/NSweblog.tar /tmp Installing Nswl Client on a Linux Operating System Cd /tmpTar xvf NSweblog.tar Pkginfo grep NSweblogTo view the installed Web server logging files Installing Nswl Client on a FreeBSD Operating SystemTo get more information about the NSweblog RPM file Pkgdelete NSweblog Installing Nswl Client on a Mac OS Operating SystemCp pathtocd/Utilities/weblog/macos/NSweblog.tgz /tmp Installing Nswl Client on a Windows Operating System To install the Nswl client on a Windows systemInstalling Nswl Client on an AIX Operating System To uninstall the Nswl client on a Windows systemCp pathtocd/Utilities/weblog/AIX/NSweblog.rpm /tmp Rpm -i NSweblog.rpmNswl Client Command Options Nswl Command Options Nswl command SpecifiesTo add the Nsip address of the NetScaler appliance Adding the IP Addresses of the NetScaler ApplianceNswl -addns -f directorypath \log.conf Verifying the Nswl Configuration File To verify the configuration in the Nswl configuration fileRunning the Nswl Client Customizing Logging on the Nswl Client SystemParameters for Creating a Filter Specifies On OFFTo create a filter for a virtual server LogFormat Ncsa Understanding the Ncsa and W3C Log Formats Ncsa Common Log FormatW3C Extended Log Format Ncsa Common Log Format Argument SpecifiesDirectives EntriesDirective Descriptions Fields IdentifiersPrefix Descriptions Specifies ExamplesW3C Extended Log Format Identifiers No Prefix Required DescriptionCreating a Custom Log Format Creating a Custom Log Format by Using the Nswl LibraryField Description To create the custom log format by using the Nswl Library Creating a Custom Log Format ManuallySample Configuration File Creating Apache Log FormatsNcsa Arguments for Defining a Custom Log Format 11.Custom Log Format Argument SpecifiesFoobari Foobaro Formatt Time Format Definition 12.Time Format Definition Argument SpecifiesArgument Specifies 123 Web Server Logging 124 Advanced Configurations To add an NTP server by using the NetScaler command line Configuring Clock SynchronizationShow ntp server Example Parameters for configuring an NTP server ServerNameMinpoll MaxpollEnable ntp sync Disable ntp sync Configuring Clock Synchronization ManuallyStarting or Stopping the NTP Daemon Show ns config Example Usr/sbin/ntpd -c /nsconfig/ntp.conf -l /var/log/ntpd.logViewing the System Date and Time Configuring TCP Window Scaling Show ns tcpParam Example Parameters for configuring window scalingWSVal Configuring Selective Acknowledgment EnabledClearing the Configuration To enable Sack by using the Configuration UtilityParameters for clearing a configuration To clear a configuration by using the configuration utilityViewing the Http Band Statistics LevelReqBandSize RespBandSizeConfiguring Http Profiles To modify the band range by using the configuration utilityTo add an Http profile by using the NetScaler command line Built-in Http Profiles Built-in profile DescriptionParameters for adding an Http profile To add an Http profile by using the configuration utility Configuring TCP ProfilesBuilt-in TCP Profiles Built-in profile Description To add a TCP profile by using the NetScaler command line Parameters for creating a TCP profile To add a TCP profile by using the configuration utility Specifying a TCP Buffer Size Example Parameters for setting the TCP buffer size in a TCP profile BufferSizeParameters for specifying the MSS value in a TCP profile Specifying the MSS Value in a TCP ProfileMss Learn MSS for VServer LearnVsvrMSS Advanced Configurations 148 Web Interface How Web Interface Works PrerequisitesInstalling the Web Interface Web Interface tar file path Configuring the Web InterfaceJRE tar file path Parameters for configuring Web interface sites Gateway Direct Mode Authentication PointAccess Gateway URL PortConfiguring a Web Interface Site for LAN Users Using Http XML Service AddressesXML Service Port TransportA Web Interface Site Configured for LAN Users Using Http Site Type Published Resource Type Kiosk ModeVirtual Server Protocol select Https IP Address Port Add service WILoopbackService 127.0.0.1 Http Configuring a Web Interface Site for LAN Users Using Https A Web Interface Site Configured for LAN Users Using Https160 161 Add lb vserver Httpswi SSL 10.102.29.3 Configuring a Web Interface Site for Remote Users Using Agee A Web Interface Site Configured for Remote Users Using Agee 165 166 AppFlow How AppFlow Works NetScaler Flow SequenceFlow Records TemplatesConfiguring the AppFlow Feature To specify a collector by using the NetScaler command line Enabling or Disabling the AppFlow FeatureSpecifying a Collector Configuring an AppFlow Action To remove a collector by using the NetScaler command lineTo specify a collector by using the configuration utility Parameters for specifying a collectorCollectors Parameters for configuring an AppFlow actionComment Configuring an AppFlow Policy Show appflow policy nameParameters for configuring an AppFlow policy Rule ActionTo add an expression by using the Add Expression dialog box HttpBinding an AppFlow Policy Show appflow globalParameters for binding an AppFlow policy GotoPriorityExpressionInvoke Invoke flag LabelType LabelNameEnabling AppFlow for Virtual Servers Click Apply ChangesEnabling AppFlow for a Service Setting the AppFlow ParametersAppFlow Parameters HttpCookie HttpRefererHttpMethod HttpHostReporting Tool To invoke the Reporting tool Using the Reporting ToolWorking with Reports Using Built-in Reports Creating and Deleting ReportsModifying the Time Interval Time Intervals Time interval DisplaysSetting the Data Source and Time Zone Exporting and Importing Custom ReportsAdding a Chart Working with ChartsModifying a Chart Viewing a Chart To change the graph type of a chartTo view numeric data for a graph To change the color and graph type of a data set To export chart data to Excel Deleting a ChartExamples Stopping and Starting the Data Collection Utility Limits on Entity Numbers Retrieved by nscollect Entity nameTo stop nscollect To start nscollect on the local systemEntity name Limit Netscaler/nscollect stopTo start nscollect on the remote system Netscaler/nscollect start