Skip to content

appflowparam

Configuration for AppFlow parameter resource.

Properties

(click to see Operations )

Name Data Type Permissions Description
templaterefresh <Double> Read-write Refresh interval, in seconds, at which to export the template data. Because data transmission is in UDP, the templates must be resent at regular intervals.

Default value: 600

Minimum value = 60

Maximum value = 3600
appnamerefresh <Double> Read-write Interval, in seconds, at which to send Appnames to the configured collectors. Appname refers to the name of an entity (virtual server, service, or service group) in the Citrix ADC.

Default value: 600

Minimum value = 60

Maximum value = 3600
flowrecordinterval <Double> Read-write Interval, in seconds, at which to send flow records to the configured collectors.

Default value: 60

Minimum value = 60

Maximum value = 3600
securityinsightrecordinterval <Double> Read-write Interval, in seconds, at which to send security insight flow records to the configured collectors.

Default value: 600

Minimum value = 60

Maximum value = 3600
udppmtu <Double> Read-write MTU, in bytes, for IPFIX UDP packets.

Default value: 1472

Minimum value = 128

Maximum value = 1472
httpurl <String> Read-write Include the http URL that the Citrix ADC received from the client.

Default value: DISABLED

Possible values = ENABLED, DISABLED
aaausername <String> Read-write Enable AppFlow AAA Username logging.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpcookie <String> Read-write Include the cookie that was in the HTTP request the appliance received from the client.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpreferer <String> Read-write Include the web page that was last visited by the client.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpmethod <String> Read-write Include the method that was specified in the HTTP request that the appliance received from the client.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httphost <String> Read-write Include the host identified in the HTTP request that the appliance received from the client.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpuseragent <String> Read-write Include the client application through which the HTTP request was received by the Citrix ADC.

Default value: DISABLED

Possible values = ENABLED, DISABLED
clienttrafficonly <String> Read-write Generate AppFlow records for only the traffic from the client.

Default value: NO

Possible values = YES, NO
httpcontenttype <String> Read-write Include the HTTP Content-Type header sent from the server to the client to determine the type of the content sent.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpauthorization <String> Read-write Include the HTTP Authorization header information.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpvia <String> Read-write Include the httpVia header which contains the IP address of proxy server through which the client accessed the server.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpxforwardedfor <String> Read-write Include the httpXForwardedFor header, which contains the original IP Address of the client using a proxy server to access the server.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httplocation <String> Read-write Include the HTTP location headers returned from the HTTP responses.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpsetcookie <String> Read-write Include the Set-cookie header sent from the server to the client in response to a HTTP request.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpsetcookie2 <String> Read-write Include the Set-cookie header sent from the server to the client in response to a HTTP request.

Default value: DISABLED

Possible values = ENABLED, DISABLED
connectionchaining <String> Read-write Enable connection chaining so that the client server flows of a connection are linked. Also the connection chain ID is propagated across Citrix ADCs, so that in a multi-hop environment the flows belonging to the same logical connection are linked. This id is also logged as part of appflow record.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpdomain <String> Read-write Include the http domain request to be exported.

Default value: DISABLED

Possible values = ENABLED, DISABLED
skipcacheredirectionhttptransaction <String> Read-write Skip Cache http transaction. This HTTP transaction is specific to Cache Redirection module. In Case of Cache Miss there will be another HTTP transaction initiated by the cache server.

Default value: DISABLED

Possible values = ENABLED, DISABLED
identifiername <String> Read-write Include the stream identifier name to be exported.

Default value: DISABLED

Possible values = ENABLED, DISABLED
identifiersessionname <String> Read-write Include the stream identifier session name to be exported.

Default value: DISABLED

Possible values = ENABLED, DISABLED
observationdomainid <Double> Read-write An observation domain groups a set of Citrix ADCs based on deployment: cluster, HA etc. A unique Observation Domain ID is required to be assigned to each such group.

Default value: 0

Minimum value = 1000
observationdomainname <String> Read-write Name of the Observation Domain defined by the observation domain ID.

Maximum length = 127
subscriberawareness <String> Read-write Enable this option for logging end user MSISDN in L4/L7 appflow records.

Default value: DISABLED

Possible values = ENABLED, DISABLED
subscriberidobfuscation <String> Read-write Enable this option for obfuscating MSISDN in L4/L7 appflow records.

Default value: DISABLED

Possible values = ENABLED, DISABLED
subscriberidobfuscationalgo <String> Read-write Algorithm(MD5 or SHA256) to be used for obfuscating MSISDN.

Default value: MD5

Possible values = MD5, SHA256
gxsessionreporting <String> Read-write Enable this option for Gx session reporting.

Default value: DISABLED

Possible values = ENABLED, DISABLED
securityinsighttraffic <String> Read-write Enable/disable the feature individually on appflow action.

Default value: DISABLED

Possible values = ENABLED, DISABLED
cacheinsight <String> Read-write Flag to determine whether cache records need to be exported or not. If this flag is true and IC is enabled, cache records are exported instead of L7 HTTP records.

Default value: DISABLED

Possible values = ENABLED, DISABLED
videoinsight <String> Read-write Enable/disable the feature individually on appflow action.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpquerywithurl <String> Read-write Include the HTTP query segment along with the URL that the Citrix ADC received from the client.

Default value: DISABLED

Possible values = ENABLED, DISABLED
urlcategory <String> Read-write Include the URL category record.

Default value: DISABLED

Possible values = ENABLED, DISABLED
lsnlogging <String> Read-write On enabling this option, the Citrix ADC will send the Large Scale Nat(LSN) records to the configured collectors.

Default value: DISABLED

Possible values = ENABLED, DISABLED
cqareporting <String> Read-write TCP CQA reporting enable/disable knob.

Default value: DISABLED

Possible values = ENABLED, DISABLED
emailaddress <String> Read-write Enable AppFlow user email-id logging.

Default value: DISABLED

Possible values = ENABLED, DISABLED
usagerecordinterval <Double> Read-write On enabling this option, the NGS will send bandwidth usage record to configured collectors.

Default value: 0

Minimum value = 0

Maximum value = 7200
metrics <String> Read-write Enable Citrix ADC Stats to be sent to the Telemetry Agent.

Default value: DISABLED

Possible values = ENABLED, DISABLED
events <String> Read-write Enable Events to be sent to the Telemetry Agent.

Default value: DISABLED

Possible values = ENABLED, DISABLED
auditlogs <String> Read-write Enable Auditlogs to be sent to the Telemetry Agent.

Default value: DISABLED

Possible values = ENABLED, DISABLED
observationpointid <Double> Read-write An observation point ID is identifier for the NetScaler from which appflow records are being exported. By default, the NetScaler IP is the observation point ID.

Minimum value = 1
distributedtracing <String> Read-write Enable generation of the distributed tracing templates in the Appflow records.

Default value: DISABLED

Possible values = ENABLED, DISABLED
disttracingsamplingrate <Double> Read-write Sampling rate for Distributed Tracing.

Default value: 0

Minimum value = 0

Maximum value = 100
tcpattackcounterinterval <Double> Read-write Interval, in seconds, at which to send tcp attack counters to the configured collectors. If 0 is configured, the record is not sent.

Default value: 0

Minimum value = 0

Maximum value = 3600
logstreamovernsip <String> Read-write To use the Citrix ADC IP to send Logstream records instead of the SNIP.

Default value: DISABLED

Possible values = ENABLED, DISABLED
aaainsight <String> Read-write Enable/Disable AAA insights.

Default value: DISABLED

Possible values = ENABLED, DISABLED
builtin <String[]> Read-only Flag to determine if the appflow param is built-in or not.

Possible values = MODIFIABLE, DELETABLE, IMMUTABLE, PARTITION_ALL
feature <String> Read-only The feature to be checked while applying this config.
tcpburstreporting <String> Read-only TCP burst reporting enable/disable knob.

Default value: ENABLED

Possible values = ENABLED, DISABLED
tcpburstreportingthreshold <Double> Read-only TCP burst reporting threshold.

Default value: 1500

Minimum value = 10

Maximum value = 5000

Operations

(click to see Properties )

  • UPDATE
  • UNSET
  • GET (ALL)

Some options that you can use for each operations:

  • Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the 'warning' query parameter as 'yes'. For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:

    http:// <netscaler-ip-address> /nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code '209 X-NITRO-WARNING'.

  • Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER: <username>

    X-NITRO-PASS: <password>

    Note: In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Note:

Mandatory parameters are marked in red and placeholder content is marked in green

update

URL: http:// <netscaler-ip-address> /nitro/v1/config/appflowparam

HTTP Method: PUT

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Content-Type:application/json

Request Payload:

{"appflowparam":{
      "templaterefresh":<Double_value>,
      "appnamerefresh":<Double_value>,
      "flowrecordinterval":<Double_value>,
      "securityinsightrecordinterval":<Double_value>,
      "udppmtu":<Double_value>,
      "httpurl":<String_value>,
      "aaausername":<String_value>,
      "httpcookie":<String_value>,
      "httpreferer":<String_value>,
      "httpmethod":<String_value>,
      "httphost":<String_value>,
      "httpuseragent":<String_value>,
      "clienttrafficonly":<String_value>,
      "httpcontenttype":<String_value>,
      "httpauthorization":<String_value>,
      "httpvia":<String_value>,
      "httpxforwardedfor":<String_value>,
      "httplocation":<String_value>,
      "httpsetcookie":<String_value>,
      "httpsetcookie2":<String_value>,
      "connectionchaining":<String_value>,
      "httpdomain":<String_value>,
      "skipcacheredirectionhttptransaction":<String_value>,
      "identifiername":<String_value>,
      "identifiersessionname":<String_value>,
      "observationdomainid":<Double_value>,
      "observationdomainname":<String_value>,
      "subscriberawareness":<String_value>,
      "subscriberidobfuscation":<String_value>,
      "subscriberidobfuscationalgo":<String_value>,
      "gxsessionreporting":<String_value>,
      "securityinsighttraffic":<String_value>,
      "cacheinsight":<String_value>,
      "videoinsight":<String_value>,
      "httpquerywithurl":<String_value>,
      "urlcategory":<String_value>,
      "lsnlogging":<String_value>,
      "cqareporting":<String_value>,
      "emailaddress":<String_value>,
      "usagerecordinterval":<Double_value>,
      "metrics":<String_value>,
      "events":<String_value>,
      "auditlogs":<String_value>,
      "observationpointid":<Double_value>,
      "distributedtracing":<String_value>,
      "disttracingsamplingrate":<Double_value>,
      "tcpattackcounterinterval":<Double_value>,
      "logstreamovernsip":<String_value>,
      "aaainsight":<String_value>
}}

Response:

HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

unset

URL: http:// <netscaler-ip-address> /nitro/v1/config/appflowparam? action=unset

HTTP Method: POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Content-Type:application/json

Request Payload:

{"appflowparam":{
      "templaterefresh":true,
      "appnamerefresh":true,
      "flowrecordinterval":true,
      "securityinsightrecordinterval":true,
      "udppmtu":true,
      "httpurl":true,
      "aaausername":true,
      "httpcookie":true,
      "httpreferer":true,
      "httpmethod":true,
      "httphost":true,
      "httpuseragent":true,
      "clienttrafficonly":true,
      "httpcontenttype":true,
      "httpauthorization":true,
      "httpvia":true,
      "httpxforwardedfor":true,
      "httplocation":true,
      "httpsetcookie":true,
      "httpsetcookie2":true,
      "connectionchaining":true,
      "httpdomain":true,
      "skipcacheredirectionhttptransaction":true,
      "identifiername":true,
      "identifiersessionname":true,
      "observationdomainid":true,
      "observationdomainname":true,
      "subscriberawareness":true,
      "subscriberidobfuscation":true,
      "subscriberidobfuscationalgo":true,
      "gxsessionreporting":true,
      "securityinsighttraffic":true,
      "cacheinsight":true,
      "videoinsight":true,
      "httpquerywithurl":true,
      "urlcategory":true,
      "lsnlogging":true,
      "cqareporting":true,
      "emailaddress":true,
      "usagerecordinterval":true,
      "metrics":true,
      "events":true,
      "auditlogs":true,
      "observationpointid":true,
      "distributedtracing":true,
      "disttracingsamplingrate":true,
      "tcpattackcounterinterval":true,
      "logstreamovernsip":true,
      "aaainsight":true
}}

Response:

HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

get (all)

URL: http:// <netscaler-ip-address> /nitro/v1/config/appflowparam

HTTP Method: GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Accept:application/json

Response:

HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

Response Header:

Content-Type:application/json

Response Payload:

{ "appflowparam": [ {
      "templaterefresh":<Double_value>,
      "appnamerefresh":<Double_value>,
      "flowrecordinterval":<Double_value>,
      "securityinsightrecordinterval":<Double_value>,
      "udppmtu":<Double_value>,
      "httpurl":<String_value>,
      "aaausername":<String_value>,
      "httpcookie":<String_value>,
      "httpreferer":<String_value>,
      "httpmethod":<String_value>,
      "httphost":<String_value>,
      "httpuseragent":<String_value>,
      "clienttrafficonly":<String_value>,
      "httpcontenttype":<String_value>,
      "httpauthorization":<String_value>,
      "httpvia":<String_value>,
      "httpxforwardedfor":<String_value>,
      "httplocation":<String_value>,
      "httpsetcookie":<String_value>,
      "httpsetcookie2":<String_value>,
      "connectionchaining":<String_value>,
      "httpdomain":<String_value>,
      "skipcacheredirectionhttptransaction":<String_value>,
      "identifiername":<String_value>,
      "identifiersessionname":<String_value>,
      "observationdomainid":<Double_value>,
      "observationpointid":<Double_value>,
      "observationdomainname":<String_value>,
      "builtin":<String[]_value>,
      "feature":<String_value>,
      "securityinsighttraffic":<String_value>,
      "subscriberawareness":<String_value>,
      "subscriberidobfuscation":<String_value>,
      "subscriberidobfuscationalgo":<String_value>,
      "gxsessionreporting":<String_value>,
      "cacheinsight":<String_value>,
      "videoinsight":<String_value>,
      "httpquerywithurl":<String_value>,
      "tcpburstreporting":<String_value>,
      "tcpburstreportingthreshold":<Double_value>,
      "urlcategory":<String_value>,
      "lsnlogging":<String_value>,
      "cqareporting":<String_value>,
      "emailaddress":<String_value>,
      "usagerecordinterval":<Double_value>,
      "metrics":<String_value>,
      "events":<String_value>,
      "auditlogs":<String_value>,
      "distributedtracing":<String_value>,
      "disttracingsamplingrate":<Double_value>,
      "tcpattackcounterinterval":<Double_value>,
      "logstreamovernsip":<String_value>,
      "aaainsight":<String_value>
}]}