Home > Configuration > Audit |
| Audit |
audit configuration. |
Configuration APIs |
Use this method to adds an audit message action. The action specifies whether to log the message, and to which log. |
Use this method to adds an nslog action. The action contains a reference to an nslog server and specifies which information to log and how to log that information. |
Use this method to adds a policy that defines which messages to log to the specified nslog server. |
Use this method to adds a syslog action. The action contains a reference to a syslog server, and specifies which information to log and how to log that information. |
Use this method to adds a policy that defines which messages to log to the specified syslog server. |
Use this method to bind policy to audit nslogGlobal. |
Use this method to bind policy to audit syslogGlobal. |
Use this method to get the current configuration of the specified audit message action. |
Use this method to get the most recent audit log messages. |
Use this method to get the current configuration of the specified nslog action. |
Use this method to get the list of policies bound to audit nslogGlobal bind point. |
Use this method to get the current nslog parameter settings. |
Use this method to get the current configuration of the specified nslog policy. |
Use this method to get the current configuration of the specified syslog action. |
Use this method to get the list of policies bound to the specified audit syslogGlobal bind point. |
Use this method to get the current syslog parameter settings. |
Use this method to get the current configuration of the specified syslog policy. |
Use this method to removes the specified audit message action and associated configuration. |
Use this method to removes the specified nslog action and associated configuration. Note: An nslog action cannot be removed if it is bound to an nslog policy. |
Use this method to removes the specified nslog policy and associated configuration. |
Use this method to removes the specified syslog action and associated configuration. Note: A syslog action cannot be removed if it is bound to a syslog policy. |
Use this method to removes the specified syslog policy and associated configuration. |
Use this method to set bypass the safety check and allow unsafe expressions. NOTE: This attribute is deprecated. bypassSafetyCheck is deprecated globally. Hence, deprecating this option in audit messageaction as well |
Use this method to set audit log level, which specifies the severity level of the log message being generated. The following loglevels are valid: * EMERGENCY - Events that indicate an immediate crisis on the server. * ALERT - Events that might require action. * CRITICAL - Events that indicate an imminent server crisis. * ERROR - Events that indicate some type of error. * WARNING - Events that require action in the near future. * NOTICE - Events that the administrator should know about. * INFORMATIONAL - All but low-level events. * DEBUG - All events, in extreme detail. |
Use this method to set send the message to the new nslog. |
Use this method to set default-syntax expression that defines the format and content of the log message. |
Use this method to set log access control list (ACL) messages. |
Use this method to set log the ALG messages |
Use this method to set export log messages to AppFlow collectors. Appflow collectors are entities to which log messages can be sent so that some action can be performed on them. |
Use this method to set log Content Inspection event information |
Use this method to set format of dates in the logs. Supported formats are: * MMDDYYYY - U.S. style month/date/year format. * DDMMYYYY - European style date/month/year format. * YYYYMMDD - ISO style year/month/date format. |
Use this method to set log denylist violations |
Use this method to set immediately send a DNS query to resolve the server's domain name. |
Use this method to set time, in seconds, for which the Citrix ADC waits before sending another DNS query to resolve the host name of the audit server if the last query failed. |
Use this method to set facility value, as defined in RFC 3164, assigned to the log message. Log facility values are numbers 0 to 7 (LOCAL0 through LOCAL7). Each number indicates where a specific message originated from, such as the Citrix ADC itself, the VPN, or external. |
Use this method to set audit log level, which specifies the types of events to log. Available settings function as follows: * ALL - All events. * EMERGENCY - Events that indicate an immediate crisis on the server. * ALERT - Events that might require action. * CRITICAL - Events that indicate an imminent server crisis. * ERROR - Events that indicate some type of error. * WARNING - Events that require action in the near future. * NOTICE - Events that the administrator should know about. * INFORMATIONAL - All but low-level events. * DEBUG - All events, in extreme detail. * NONE - No events. |
Use this method to set log the LSN messages |
Use this method to set log protocol violations |
Use this method to set auditserver name as a FQDN. Mutually exclusive with serverIP |
Use this method to set iP address of the nslog server. |
Use this method to set port on which the nslog server accepts connections. |
Use this method to set log SSL Interception event information |
Use this method to set log subscriber session event information |
Use this method to set log TCP messages. |
Use this method to set time zone used for date and timestamps in the logs. Available settings function as follows: * GMT_TIME. Coordinated Universal Time. * LOCAL_TIME. The server's timezone setting. |
Use this method to set log URL filtering event information NOTE: This attribute is deprecated. URLFiltering feature is no longer supported. Hence, this argument is deprecated for auditlogging, syslog and nslogparms. |
Use this method to set log user-configurable log messages to nslog. Setting this parameter to NO causes auditing to ignore all user-configured message actions. Setting this parameter to YES causes auditing to log user-configured message actions that meet the other logging criteria. |
Use this method to set configure auditing to log access control list (ACL) messages. |
Use this method to set log the ALG messages |
Use this method to set export log messages to AppFlow collectors. Appflow collectors are entities to which log messages can be sent so that some action can be performed on them. |
Use this method to set log Content Inspection event information |
Use this method to set format of dates in the logs. Supported formats are: * MMDDYYYY - U.S. style month/date/year format. * DDMMYYYY - European style date/month/year format. * YYYYMMDD - ISO style year/month/date format. |
Use this method to set log denylist violations |
Use this method to set facility value, as defined in RFC 3164, assigned to the log message. Log facility values are numbers 0 to 7 (LOCAL0 through LOCAL7). Each number indicates where a specific message originated from, such as the Citrix ADC itself, the VPN, or external. |
Use this method to set types of information to be logged. Available settings function as follows: * ALL - All events. * EMERGENCY - Events that indicate an immediate crisis on the server. * ALERT - Events that might require action. * CRITICAL - Events that indicate an imminent server crisis. * ERROR - Events that indicate some type of error. * WARNING - Events that require action in the near future. * NOTICE - Events that the administrator should know about. * INFORMATIONAL - All but low-level events. * DEBUG - All events, in extreme detail. * NONE - No events. |
Use this method to set log the LSN messages |
Use this method to set log protocol violations |
Use this method to set iP address of the nslog server. |
Use this method to set port on which the nslog server accepts connections. |
Use this method to set log SSL Interception event information |
Use this method to set log subscriber session event information |
Use this method to set configure auditing to log TCP messages. |
Use this method to set time zone used for date and timestamps in the logs. Supported settings are: * GMT_TIME - Coordinated Universal Time. * LOCAL_TIME - Use the server's timezone setting. |
Use this method to set log URL filtering event information NOTE: This attribute is deprecated. URLFiltering feature is no longer supported. Hence, this argument is deprecated for auditlogging, syslog and nslogparms. |
Use this method to set log user-configurable log messages to nslog. Setting this parameter to NO causes auditing to ignore all user-configured message actions. Setting this parameter to YES causes auditing to log user-configured message actions that meet the other logging criteria. |
Use this method to set nslog server action that is performed when this policy matches. NOTE: An nslog server action must be associated with an nslog audit policy. |
Use this method to set name of the Citrix ADC named rule, or an expression, that defines the messages to be logged to the nslog server. |
Use this method to set log access control list (ACL) messages. |
Use this method to set log alg info |
Use this method to set export log messages to AppFlow collectors. Appflow collectors are entities to which log messages can be sent so that some action can be performed on them. |
Use this method to set log Content Inspection event information |
Use this method to set format of dates in the logs. Supported formats are: * MMDDYYYY. -U.S. style month/date/year format. * DDMMYYYY - European style date/month/year format. * YYYYMMDD - ISO style year/month/date format. |
Use this method to set log denylist violations |
Use this method to set log DNS related syslog messages |
Use this method to set immediately send a DNS query to resolve the server's domain name. |
Use this method to set time, in seconds, for which the Citrix ADC waits before sending another DNS query to resolve the host name of the syslog server if the last query failed. |
Use this method to set token for authenticating with the endpoint. If the endpoint requires the Authorization header in a particular format, specify the complete format as the value to this parameter. For eg., in case of splunk, the Authorization header is required to be of the form - Splunk |
Use this method to set the URL at which to upload the logs messages on the endpoint |
Use this method to set hTTP Schema file to input tokens to be sent in log message to log server |
Use this method to set name of the LB vserver. Mutually exclusive with syslog serverIP/serverName |
Use this method to set facility value, as defined in RFC 3164, assigned to the log message. Log facility values are numbers 0 to 7 (LOCAL0 through LOCAL7). Each number indicates where a specific message originated from, such as the Citrix ADC itself, the VPN, or external. |
Use this method to set audit log level, which specifies the types of events to log. Available values function as follows: * ALL - All events. * EMERGENCY - Events that indicate an immediate crisis on the server. * ALERT - Events that might require action. * CRITICAL - Events that indicate an imminent server crisis. * ERROR - Events that indicate some type of error. * WARNING - Events that require action in the near future. * NOTICE - Events that the administrator should know about. * INFORMATIONAL - All but low-level events. * DEBUG - All events, in extreme detail. * NONE - No events. |
Use this method to set log lsn info |
Use this method to set management log specifies the categories of log files to be exported. It use destination and transport from PE params. Available values function as follows: * ALL - All categories (SHELL, NSMGMT and ACCESS). * SHELL - bash.log, and sh.log. * ACCESS - auth.log, nsvpn.log, httpaccess.log, httperror.log, httpaccess-vpn.log and httperror-vpn.log. * NSMGMT - notice.log and ns.log. * NONE - No logs. |
Use this method to set max size of log data that can be held in NSB chain of server info. |
Use this method to set management log level, which specifies the types of events to log. Available values function as follows: * ALL - All events. * EMERGENCY - Events that indicate an immediate crisis on the server. * ALERT - Events that might require action. * CRITICAL - Events that indicate an imminent server crisis. * ERROR - Events that indicate some type of error. * WARNING - Events that require action in the near future. * NOTICE - Events that the administrator should know about. * INFORMATIONAL - All but low-level events. * DEBUG - All events, in extreme detail. * NONE - No events. |
Use this method to set name of the network profile. The SNIP configured in the network profile will be used as source IP while sending log messages. |
Use this method to set log protocol violations |
Use this method to set sYSLOG server name as a FQDN. Mutually exclusive with serverIP/lbVserverName |
Use this method to set iP address of the syslog server. |
Use this method to set port on which the syslog server accepts connections. |
Use this method to set log SSL Interception event information |
Use this method to set export log stream analytics statistics to syslog server. |
Use this method to set log subscriber session event information |
Use this method to set setting this parameter ensures that all the Audit Logs generated for this Syslog Action comply with an RFC. For example, set it to RFC5424 to ensure RFC 5424 compliance |
Use this method to set log TCP messages. |
Use this method to set name of the TCP profile whose settings are to be applied to the audit server info to tune the TCP connection parameters. |
Use this method to set time zone used for date and timestamps in the logs. Supported settings are: * GMT_TIME. Coordinated Universal time. * LOCAL_TIME. Use the server's timezone setting. |
Use this method to set log URL filtering event information NOTE: This attribute is deprecated. URLFiltering feature is no longer supported. Hence, this argument is deprecated for auditlogging, syslog and nslogparms. |
Use this method to set log user-configurable log messages to syslog. Setting this parameter to NO causes auditing to ignore all user-configured message actions. Setting this parameter to YES causes auditing to log user-configured message actions that meet the other logging criteria. |
Use this method to set log access control list (ACL) messages. |
Use this method to set log the ALG messages |
Use this method to set export log messages to AppFlow collectors. Appflow collectors are entities to which log messages can be sent so that some action can be performed on them. |
Use this method to set log Content Inspection event ifnormation |
Use this method to set format of dates in the logs. Supported formats are: * MMDDYYYY - U.S. style month/date/year format. * DDMMYYYY. European style -date/month/year format. * YYYYMMDD - ISO style year/month/date format. |
Use this method to set log denylist violations |
Use this method to set log DNS related syslog messages |
Use this method to set facility value, as defined in RFC 3164, assigned to the log message. Log facility values are numbers 0 to 7 (LOCAL0 through LOCAL7). Each number indicates where a specific message originated from, such as the Citrix ADC itself, the VPN, or external. |
Use this method to set types of information to be logged. Available settings function as follows: * ALL - All events. * EMERGENCY - Events that indicate an immediate crisis on the server. * ALERT - Events that might require action. * CRITICAL - Events that indicate an imminent server crisis. * ERROR - Events that indicate some type of error. * WARNING - Events that require action in the near future. * NOTICE - Events that the administrator should know about. * INFORMATIONAL - All but low-level events. * NONE - No events. |
Use this method to set log the LSN messages |
Use this method to set log protocol violations |
Use this method to set iP address of the syslog server. |
Use this method to set port on which the syslog server accepts connections. |
Use this method to set log SSL Interceptionn event information |
Use this method to set export log stream analytics statistics to syslog server |
Use this method to set log subscriber session event information |
Use this method to set log TCP messages. |
Use this method to set time zone used for date and timestamps in the logs. Available settings function as follows: * GMT_TIME - Coordinated Universal Time. * LOCAL_TIME Use the server's timezone setting. |
Use this method to set log URL filtering event information NOTE: This attribute is deprecated. URLFiltering feature is no longer supported. Hence, this argument is deprecated for auditlogging, syslog and nslogparms. |
Use this method to set log user-configurable log messages to syslog. Setting this parameter to NO causes audit to ignore all user-configured message actions. Setting this parameter to YES causes audit to log user-configured message actions that meet the other logging criteria. |
Use this method to set syslog server action to perform when this policy matches traffic. NOTE: A syslog server action must be associated with a syslog audit policy. |
Use this method to set name of the Citrix ADC named rule, or an expression, that defines the messages to be logged to the syslog server. |
Use this method to unbind globalbindtype from audit nslogGlobal. |
Use this method to unbind policy from audit nslogGlobal. |
Use this method to unbind globalbindtype from audit syslogGlobal. |
Use this method to unbind policy from audit syslogGlobal. |
Remove audit messageaction bypasssafetycheck setting. |
Remove audit messageaction logtonewnslog setting. |
Remove audit nslogAction acl setting. |
Remove audit nslogAction alg setting. |
Remove audit nslogAction appflowexport setting. |
Remove audit nslogAction contentinspectionlog setting. |
Remove audit nslogAction dateformat setting. |
Remove audit nslogAction denylistviolations setting. |
Remove audit nslogAction logfacility setting. |
Remove audit nslogAction loglevel setting. |
Remove audit nslogAction lsn setting. |
Remove audit nslogAction protocolviolations setting. |
Remove audit nslogAction serverport setting. |
Remove audit nslogAction sslinterception setting. |
Remove audit nslogAction subscriberlog setting. |
Remove audit nslogAction tcp setting. |
Remove audit nslogAction timezone setting. |
Remove audit nslogAction urlfiltering setting. |
Remove audit nslogAction userdefinedauditlog setting. |
Remove audit nslogParams acl setting. |
Remove audit nslogParams alg setting. |
Remove audit nslogParams appflowexport setting. |
Remove audit nslogParams contentinspectionlog setting. |
Remove audit nslogParams dateformat setting. |
Remove audit nslogParams denylistviolations setting. |
Remove audit nslogParams logfacility setting. |
Remove audit nslogParams loglevel setting. |
Remove audit nslogParams lsn setting. |
Remove audit nslogParams protocolviolations setting. |
Remove audit nslogParams serverip setting. |
Remove audit nslogParams serverport setting. |
Remove audit nslogParams sslinterception setting. |
Remove audit nslogParams subscriberlog setting. |
Remove audit nslogParams tcp setting. |
Remove audit nslogParams timezone setting. |
Remove audit nslogParams urlfiltering setting. |
Remove audit nslogParams userdefinedauditlog setting. |
Remove audit syslogAction acl setting. |
Remove audit syslogAction alg setting. |
Remove audit syslogAction appflowexport setting. |
Remove audit syslogAction contentinspectionlog setting. |
Remove audit syslogAction dateformat setting. |
Remove audit syslogAction denylistviolations setting. |
Remove audit syslogAction dns setting. |
Remove audit syslogAction httpauthtoken setting. |
Remove audit syslogAction httpendpointurl setting. |
Remove audit syslogAction httpschemafile setting. |
Remove audit syslogAction logfacility setting. |
Remove audit syslogAction loglevel setting. |
Remove audit syslogAction lsn setting. |
Remove audit syslogAction managementlog setting. |
Remove audit syslogAction maxlogdatasizetohold setting. |
Remove audit syslogAction mgmtloglevel setting. |
Remove audit syslogAction netprofile setting. |
Remove audit syslogAction protocolviolations setting. |
Remove audit syslogAction serverport setting. |
Remove audit syslogAction sslinterception setting. |
Remove audit syslogAction streamanalytics setting. |
Remove audit syslogAction subscriberlog setting. |
Remove audit syslogAction syslogcompliance setting. |
Remove audit syslogAction tcp setting. |
Remove audit syslogAction tcpprofile setting. |
Remove audit syslogAction timezone setting. |
Remove audit syslogAction urlfiltering setting. |
Remove audit syslogAction userdefinedauditlog setting. |
Remove audit syslogParams acl setting. |
Remove audit syslogParams alg setting. |
Remove audit syslogParams appflowexport setting. |
Remove audit syslogParams contentinspectionlog setting. |
Remove audit syslogParams dateformat setting. |
Remove audit syslogParams denylistviolations setting. |
Remove audit syslogParams dns setting. |
Remove audit syslogParams logfacility setting. |
Remove audit syslogParams loglevel setting. |
Remove audit syslogParams lsn setting. |
Remove audit syslogParams protocolviolations setting. |
Remove audit syslogParams serverip setting. |
Remove audit syslogParams serverport setting. |
Remove audit syslogParams sslinterception setting. |
Remove audit syslogParams streamanalytics setting. |
Remove audit syslogParams subscriberlog setting. |
Remove audit syslogParams tcp setting. |
Remove audit syslogParams timezone setting. |
Remove audit syslogParams urlfiltering setting. |
Remove audit syslogParams userdefinedauditlog setting. |