audit-syslogAction¶
The following operations can be performed on "audit-syslogAction":
show audit syslogAction¶
Displays the current configuration of the specified syslog action. If no syslog action is specified, displays a list of all syslog actions currently configured on the Citrix ADC.
Synopsis¶
show audit syslogAction [
Arguments¶
name Name of the syslog action.
Output¶
serverIP IP address of the syslog server.
serverDomainName SYSLOG server name as a FQDN. Mutually exclusive with serverIP/lbVserverName
IP The resolved IP address of the syslog server
lbVserverName Name of the LB vserver. Mutually exclusive with syslog serverIP/serverName
domainResolveRetry Time, in seconds, for which the Citrix ADC waits before sending another DNS query to resolve the host name of the syslog server if the last query failed.
domainResolveNow Immediately send a DNS query to resolve the server's domain name.
serverPort Port on which the syslog server accepts connections.
logLevel Audit log level, which specifies the types of events to log. Available values function as follows: * ALL - All events. * EMERGENCY - Events that indicate an immediate crisis on the server. * ALERT - Events that might require action. * CRITICAL - Events that indicate an imminent server crisis. * ERROR - Events that indicate some type of error. * WARNING - Events that require action in the near future. * NOTICE - Events that the administrator should know about. * INFORMATIONAL - All but low-level events. * DEBUG - All events, in extreme detail. * NONE - No events.
dateFormat Format of dates in the logs. Supported formats are: * MMDDYYYY. -U.S. style month/date/year format. * DDMMYYYY - European style date/month/year format. * YYYYMMDD - ISO style year/month/date format.
logFacility Facility value, as defined in RFC 3164, assigned to the log message. Log facility values are numbers 0 to 7 (LOCAL0 through LOCAL7). Each number indicates where a specific message originated from, such as the Citrix ADC itself, the VPN, or external.
tcp Log TCP messages.
acl Log access control list (ACL) messages.
timeZone Time zone used for date and timestamps in the logs. Supported settings are: * GMT_TIME. Coordinated Universal time. * LOCAL_TIME. Use the server's timezone setting.
stateflag userDefinedAuditlog Log user-configurable log messages to syslog. Setting this parameter to NO causes auditing to ignore all user-configured message actions. Setting this parameter to YES causes auditing to log user-configured message actions that meet the other logging criteria.
appflowExport Disable export of log messages to AppFlow collectors.
builtin Indicates that a variable is a built-in (SYSTEM INTERNAL) type.
feature The feature to be checked while applying this config
lsn Log lsn info
alg Log alg info
subscriberLog Log subscriber session event information
transport Transport type used to send auditlogs to syslog server. Default type is UDP.
tcpProfileName Name of the TCP profile whose settings are to be applied to the audit server info to tune the TCP connection parameters.
maxLogDataSizeToHold Max size of log data that can be held in NSB chain of server info.
dns Log DNS related syslog messages
netProfile Name of the network profile. The SNIP configured in the network profile will be used as source IP while sending log messages.
sslInterception Log SSL Interception event information
urlFiltering Log URL filtering event information
ContentInspectionLog Log Content Inspection event information
devno count
rm audit syslogAction¶
Removes the specified syslog action and associated configuration. Note: A syslog action cannot be removed if it is bound to a syslog policy.
Synopsis¶
rm audit syslogAction
Arguments¶
name Name of the syslog action to remove.
add audit syslogAction¶
Adds a syslog action. The action contains a reference to a syslog server, and specifies which information to log and how to log that information.
Synopsis¶
add audit syslogAction
Arguments¶
name Name of the syslog action. Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) pound (#), space ( ), at (@), equals (=), colon (:), and underscore characters. Cannot be changed after the syslog action is added.
The following requirement applies only to the Citrix ADC CLI: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my syslog action" or 'my syslog action').
serverIP IP address of the syslog server.
serverDomainName SYSLOG server name as a FQDN. Mutually exclusive with serverIP/lbVserverName
domainResolveRetry Time, in seconds, for which the Citrix ADC waits before sending another DNS query to resolve the host name of the syslog server if the last query failed. Default value: 5 Minimum value: 5 Maximum value: 20939
lbVserverName Name of the LB vserver. Mutually exclusive with syslog serverIP/serverName
serverPort Port on which the syslog server accepts connections. Minimum value: 1
logLevel Audit log level, which specifies the types of events to log. Available values function as follows: * ALL - All events. * EMERGENCY - Events that indicate an immediate crisis on the server. * ALERT - Events that might require action. * CRITICAL - Events that indicate an imminent server crisis. * ERROR - Events that indicate some type of error. * WARNING - Events that require action in the near future. * NOTICE - Events that the administrator should know about. * INFORMATIONAL - All but low-level events. * DEBUG - All events, in extreme detail. * NONE - No events.
dateFormat Format of dates in the logs. Supported formats are: * MMDDYYYY. -U.S. style month/date/year format. * DDMMYYYY - European style date/month/year format. * YYYYMMDD - ISO style year/month/date format.
Possible values: MMDDYYYY, DDMMYYYY, YYYYMMDD
logFacility Facility value, as defined in RFC 3164, assigned to the log message. Log facility values are numbers 0 to 7 (LOCAL0 through LOCAL7). Each number indicates where a specific message originated from, such as the Citrix ADC itself, the VPN, or external.
Possible values: LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7
tcp Log TCP messages.
Possible values: NONE, ALL
acl Log access control list (ACL) messages.
Possible values: ENABLED, DISABLED
timeZone Time zone used for date and timestamps in the logs. Supported settings are: * GMT_TIME. Coordinated Universal time. * LOCAL_TIME. Use the server's timezone setting.
Possible values: GMT_TIME, LOCAL_TIME
userDefinedAuditlog Log user-configurable log messages to syslog. Setting this parameter to NO causes auditing to ignore all user-configured message actions. Setting this parameter to YES causes auditing to log user-configured message actions that meet the other logging criteria.
Possible values: YES, NO
appflowExport Export log messages to AppFlow collectors. Appflow collectors are entities to which log messages can be sent so that some action can be performed on them.
Possible values: ENABLED, DISABLED
lsn Log lsn info
Possible values: ENABLED, DISABLED
alg Log alg info
Possible values: ENABLED, DISABLED
subscriberLog Log subscriber session event information
Possible values: ENABLED, DISABLED
transport Transport type used to send auditlogs to syslog server. Default type is UDP.
Possible values: TCP, UDP
tcpProfileName Name of the TCP profile whose settings are to be applied to the audit server info to tune the TCP connection parameters.
maxLogDataSizeToHold Max size of log data that can be held in NSB chain of server info. Default value: 500 Minimum value: 50 Maximum value: 25600
dns Log DNS related syslog messages
Possible values: ENABLED, DISABLED
ContentInspectionLog Log Content Inspection event information
Possible values: ENABLED, DISABLED
netProfile Name of the network profile. The SNIP configured in the network profile will be used as source IP while sending log messages.
sslInterception Log SSL Interception event information
Possible values: ENABLED, DISABLED
urlFiltering Log URL filtering event information
Possible values: ENABLED, DISABLED
set audit syslogAction¶
Modifies the specified parameters of an existing syslog action.
Synopsis¶
set audit syslogAction
Arguments¶
name Name of the syslog action to be modified.
serverIP IP address of the syslog server.
serverDomainName SYSLOG server name as a FQDN. Mutually exclusive with serverIP/lbVserverName
lbVserverName Name of the LB vserver. Mutually exclusive with syslog serverIP/serverName
domainResolveRetry Time, in seconds, for which the Citrix ADC waits before sending another DNS query to resolve the host name of the syslog server if the last query failed. Default value: 5 Minimum value: 5 Maximum value: 20939
domainResolveNow Immediately send a DNS query to resolve the server's domain name.
serverPort Port on which the syslog server accepts connections. Minimum value: 1
logLevel Audit log level, which specifies the types of events to log. Available values function as follows: * ALL - All events. * EMERGENCY - Events that indicate an immediate crisis on the server. * ALERT - Events that might require action. * CRITICAL - Events that indicate an imminent server crisis. * ERROR - Events that indicate some type of error. * WARNING - Events that require action in the near future. * NOTICE - Events that the administrator should know about. * INFORMATIONAL - All but low-level events. * DEBUG - All events, in extreme detail. * NONE - No events.
dateFormat Format of dates in the logs. Supported formats are: * MMDDYYYY. -U.S. style month/date/year format. * DDMMYYYY - European style date/month/year format. * YYYYMMDD - ISO style year/month/date format.
Possible values: MMDDYYYY, DDMMYYYY, YYYYMMDD
logFacility Facility value, as defined in RFC 3164, assigned to the log message. Log facility values are numbers 0 to 7 (LOCAL0 through LOCAL7). Each number indicates where a specific message originated from, such as the Citrix ADC itself, the VPN, or external.
Possible values: LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7
tcp Log TCP messages.
Possible values: NONE, ALL
acl Log access control list (ACL) messages.
Possible values: ENABLED, DISABLED
timeZone Time zone used for date and timestamps in the logs. Supported settings are: * GMT_TIME. Coordinated Universal time. * LOCAL_TIME. Use the server's timezone setting.
Possible values: GMT_TIME, LOCAL_TIME
userDefinedAuditlog Log user-configurable log messages to syslog. Setting this parameter to NO causes auditing to ignore all user-configured message actions. Setting this parameter to YES causes auditing to log user-configured message actions that meet the other logging criteria.
Possible values: YES, NO
appflowExport Export log messages to AppFlow collectors. Appflow collectors are entities to which log messages can be sent so that some action can be performed on them.
Possible values: ENABLED, DISABLED
lsn Log lsn info
Possible values: ENABLED, DISABLED
alg Log alg info
Possible values: ENABLED, DISABLED
subscriberLog Log subscriber session event information
Possible values: ENABLED, DISABLED
tcpProfileName Name of the TCP profile whose settings are to be applied to the audit server info to tune the TCP connection parameters.
maxLogDataSizeToHold Max size of log data that can be held in NSB chain of server info. Default value: 500 Minimum value: 50 Maximum value: 25600
dns Log DNS related syslog messages
Possible values: ENABLED, DISABLED
ContentInspectionLog Log Content Inspection event information
Possible values: ENABLED, DISABLED
netProfile Name of the network profile. The SNIP configured in the network profile will be used as source IP while sending log messages.
sslInterception Log SSL Interception event information
Possible values: ENABLED, DISABLED
urlFiltering Log URL filtering event information
Possible values: ENABLED, DISABLED
unset audit syslogAction¶
Removes the settings of an existing syslog action. Attributes for which a default value is available revert to their default values. See the set audit syslogAction command for a description of the parameters..Refer to the set audit syslogAction command for meanings of the arguments.
Synopsis¶
unset audit syslogAction