getauditsyslogactionResult Structure Definition

The getauditsyslogactionResult structure defines the return type for getauditsyslogaction API.

Syntax



Members

rc

If the method succeeds, rc is 0; otherwise rc > 0. Values above 0x8000 indicate warnings.

message

If the method succeeds, message is NULL; otherwise message contains the error or warning message.

auditsyslogactionList

List of auditsyslogactions


auditsyslogaction Structure Definition

The auditsyslogaction structure defines the actual return type values for getauditsyslogaction API.

Syntax



Members

name

Name of the syslog action.

serverip

IP address of the syslog server.

serverdomainname

Syslog server name as an FQDN. Mutually exclusive with serverIP/lbVserverName.

ip

The resolved IP address of the syslog server.

lbvservername

Name of the LB vserver. Mutually exclusive with syslog serverIP/serverName.

domainresolveretry

Time, in seconds, for which the Citrix ADC waits before sending another DNS query to resolve the host name of the syslog server if the last query failed.

domainresolvenow

Immediately send a DNS query to resolve the server's domain name.

serverport

Port on which the syslog server accepts connections.

loglevel

Audit log level, which specifies the types of events to log. Available values function as follows:
* ALL - All events.
* EMERGENCY - Events that indicate an immediate crisis on the server.
* ALERT - Events that might require action.
* CRITICAL - Events that indicate an imminent server crisis.
* ERROR - Events that indicate some type of error.
* WARNING - Events that require action in the near future.
* NOTICE - Events that the administrator should know about.
* INFORMATIONAL - All but low-level events.
* DEBUG - All events, in extreme detail.
* NONE - No events.

managementlog

Management log specifies the categories of log files to be exported. It uses destination and transport from PE params. Available values function as follows:
* ALL - All categories (SHELL, NSMGMT and ACCESS).
* SHELL - bash.log and sh.log.
* ACCESS - auth.log, nsvpn.log, httpaccess.log, httperror.log, httpaccess-vpn.log and httperror-vpn.log.
* NSMGMT - notice.log and ns.log.
* NONE - No logs.

mgmtloglevel

Management log level, which specifies the types of events to log. Available values function as follows:
* ALL - All events.
* EMERGENCY - Events that indicate an immediate crisis on the server.
* ALERT - Events that might require action.
* CRITICAL - Events that indicate an imminent server crisis.
* ERROR - Events that indicate some type of error.
* WARNING - Events that require action in the near future.
* NOTICE - Events that the administrator should know about.
* INFORMATIONAL - All but low-level events.
* DEBUG - All events, in extreme detail.
* NONE - No events.

syslogcompliance

Setting this parameter ensures that all the audit logs generated for this syslog action comply with an RFC. For example, set it to RFC5424 to ensure RFC 5424 compliance.

dateformat

Format of dates in the logs. Supported formats are:
* MMDDYYYY - U.S. style month/date/year format.
* DDMMYYYY - European style date/month/year format.
* YYYYMMDD - ISO style year/month/date format.

logfacility

Facility value, as defined in RFC 3164, assigned to the log message. Log facility values are numbers 0 to 7 (LOCAL0 through LOCAL7). Each number indicates where a specific message originated from, such as the Citrix ADC itself, the VPN, or external.

tcp

Log TCP messages.

acl

Log access control list (ACL) messages.

timezone

Time zone used for date and timestamps in the logs. Supported settings are:
* GMT_TIME - Coordinated Universal Time.
* LOCAL_TIME - Use the server's timezone setting.

userdefinedauditlog

Log user-configurable log messages to syslog. Setting this parameter to NO causes auditing to ignore all user-configured message actions. Setting this parameter to YES causes auditing to log user-configured message actions that meet the other logging criteria.

appflowexport

Disable export of log messages to AppFlow collectors.

builtin

Indicates that a variable is a built-in (SYSTEM INTERNAL) type.

lsn

Log LSN info.

alg

Log ALG info.

subscriberlog

Log subscriber session event information

transport

Transport type used to send audit logs to the syslog server. Default type is UDP.

httpauthtoken

Token for authenticating with the endpoint. If the endpoint requires the Authorization header in a particular format, specify the complete format as the value of this parameter. For example, in the case of Splunk, the Authorization header is required to be of the form - Splunk .

httpendpointurl

The URL at which to upload the log messages on the endpoint.

httpschemafile

HTTP Schema file to input tokens to be sent in log message to log server

tcpprofilename

Name of the TCP profile whose settings are to be applied to the audit server info to tune the TCP connection parameters.

maxlogdatasizetohold

Max size of log data that can be held in NSB chain of server info.

dns

Log DNS related syslog messages

netprofile

Name of the network profile. The SNIP configured in the network profile will be used as source IP while sending log messages.

sslinterception

Log SSL Interception event information

urlfiltering

Log URL filtering event information
NOTE: This attribute is deprecated.
URLFiltering feature is no longer supported. Hence, this argument is deprecated for auditlogging, syslog and nslogparms.

contentinspectionlog

Log Content Inspection event information

streamanalytics

Export log stream analytics statistics to syslog server.

protocolviolations

Log protocol violations

denylistviolations

Log denylist violations

_nextgenapiresource
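
The following is an added example, not code from the original page or from Citrix. It shows how a caller might interpret rc as described above and review each returned auditsyslogaction for settings that weaken audit logging. The dict layout, the function names and the sample records are assumptions; only the member names, the rc thresholds, the log level names and the UDP default come from this page.

```python
WARNING_FLOOR = 0x8000  # page: rc values above 0x8000 indicate warnings
DESTINATIONS = ("serverip", "serverdomainname", "lbvservername")  # mutually exclusive

def classify_rc(rc):
    """Map rc to 'success', 'warning' or 'error' per the rc member description."""
    if rc == 0:
        return "success"
    return "warning" if rc > WARNING_FLOOR else "error"

def review_action(action):
    """Return a list of findings for one auditsyslogaction record (assumed dict)."""
    findings = []
    set_dests = [k for k in DESTINATIONS if action.get(k)]
    if len(set_dests) > 1:
        findings.append("conflicting destinations: " + ", ".join(set_dests))
    levels = action.get("loglevel") or []
    if isinstance(levels, str):  # accept a single value or a list of values
        levels = [levels]
    if "NONE" in levels:
        findings.append("loglevel NONE: no audit events are sent")
    if action.get("transport", "UDP") == "UDP":  # UDP is the documented default
        findings.append("transport UDP: delivery to the syslog server is best-effort")
    return findings

def review_result(result):
    """Classify the call, then review each action unless the call failed."""
    status = classify_rc(result["rc"])
    report = {"status": status, "message": result.get("message"), "actions": {}}
    if status != "error":
        for action in result.get("auditsyslogactionList") or []:
            report["actions"][action["name"]] = review_action(action)
    return report

# Constructed sample result (not real appliance output).
SAMPLE = {
    "rc": 0,
    "message": None,
    "auditsyslogactionList": [
        {"name": "siem-primary", "serverip": "192.0.2.10", "serverport": 514,
         "loglevel": ["ALL"], "transport": "UDP"},
        {"name": "siem-misconfigured", "serverip": "192.0.2.11",
         "serverdomainname": "syslog.example.net", "loglevel": ["NONE"],
         "transport": "TCP"},
    ],
}

if __name__ == "__main__":
    for name, findings in review_result(SAMPLE)["actions"].items():
        print(name, findings or "ok")
```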


See Also