Tuesday, November 26, 2013

NetScaler - Logging Audit Messages

I was asked today if there was a way to get alerts from the NetScaler about a policy being hit for one of our external facing websites from an external source. I started to look into doing this but have decided that it would be quite the effort, at least for my first time. I did a bit of research and came up with a few sources which may help put the whole alerting system together. If I get a chance to configure this I will update this with how I completed it.

This solution requires:
  • NetScaler
    • Auditing
      • Auditing Message Actions
    • VServers
    • Responder/Rewrite policies
  • Citrix Command Center
    • Alarm Trigger

Resources for creating custom logging:
Quick template of how to setup message actions from Citrix.com.
http://support.citrix.com/proddocs/topic/ns-system-10-1-map/ns-ag-al-confrng-policy-based-logging-tsk.html.

This shows how to log an HTTP header using policy-based logging.
http://support.citrix.com/article/CTX125466

This shows how to setup the message action and how to bind that policy to a responder policy.
http://blogs.citrix.com/2011/08/25/log-what-and-when-you-want-%E2%80%93-all-the-way-from-layer-2-to-layer-7/

This shows how to configure email alerts on Citrix Command Center
http://support.citrix.com/article/CTX133137
Posted by at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)