Log HTTP requests where the response is HTTP 5xx (server error)

In some scenarios in a Citrix ADC load balancing setup, a web server responds with a 5xx error code when it is unable to handle the request for reasons such as invalid requests, temporary overloading, or server maintenance. For example:

  • 502 Bad Gateway. The server is acting as a gateway or proxy and received an invalid response from the upstream server.
  • 503 Service Unavailable. The server is currently unavailable. The servers might be overloaded or down for maintenance.
  • 504 Gateway Time-out. The server is acting as a gateway or proxy and did not receive a timely response from the upstream server.

You can log the HTTP requests for which the server responded with an HTTP 5xx error. You can then analyse these HTTP requests in a testing setup to troubleshoot issues in the server. To log the HTTP requests for which the server responded with an HTTP 5xx error, you must create an audit message action, create a rewrite policy, and associate the audit message action with the rewrite policy. Then, you must bind the rewrite policy to the load balancing virtual server.

The Citrix ADC appliance uses the rewrite policy to identify, in the load balancing configuration, the HTTP requests for which the server responded with an HTTP 5xx error. The appliance then logs these HTTP requests in the format defined in the audit message action.

Before you begin

Before configuring a Citrix ADC appliance to log HTTP requests for which the server responded with an HTTP 5xx error, make sure that:

  • You have deployed a Citrix ADC VPX appliance and the appliance is UP and running in your setup. For more information, see Deploy a Citrix ADC VPX instance.

  • You have added a subnet IP (SNIP) address on the Citrix ADC appliance. A Citrix ADC uses a subnet IP (SNIP) address as a source IP address to proxy client connections to servers. For more information, see Configuring Subnet IP Addresses.

  • You have added an HTTP load balancing configuration in the Citrix ADC appliance. For more information about load balancing configuration, see:
  • You have already configured audit logging (SYSLOG or NSLOG) in the Citrix ADC appliance.
    • Enabled userdefinedauditlog option in the related audit action server entity.
    • Bound the related audit policy to system global.

    For more information about Citrix ADC audit logging, see:

  • You have a basic understanding of the Citrix ADC NITRO REST APIs. For more information, see Citrix ADC NITRO API reference.

Configuration steps

Configuring a Citrix ADC appliance to log HTTP requests for which the server responded with an HTTP 5xx error consists of the following steps:

  1. Create an audit message action
  2. Create a rewrite policy and specify the audit message action
  3. Bind the rewrite policy to the load balancing virtual server

Create an audit message action

To create an audit message action, you use the auditmessageaction NITRO API object.

For more information about the auditmessageaction object and its properties, see Citrix NITRO API reference for auditmessageaction.

Curl request

curl -X POST -H "Content-Type: application/json" -u <username>:<password> http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/auditmessageaction -d '{ "auditmessageaction": { "name":"<value>", "loglevel":"<value>", "stringbuilderexpr":"<value>" }}'

Create a rewrite policy and specify the audit message action

To create a rewrite policy and specify the audit message action, you use the rewritepolicy NITRO API object.

For more information about the rewritepolicy object and its properties, see Citrix NITRO API reference for rewritepolicy.

Curl request

curl -v -X POST -H "Content-Type: application/json" -u <username>:<password> http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/rewritepolicy -d '{ "rewritepolicy": { "name":"<value>", "rule":"<value>", "action":"<value>", "logaction":"<value>" } }'

Bind the rewrite policy to the load balancing virtual server

To bind the rewrite policy to the load balancing virtual server, you use the lbvserver_rewritepolicy_binding NITRO API object.

For more information about the lbvserver_rewritepolicy_binding object and its properties, see Citrix NITRO API reference for lbvserver_rewritepolicy_binding.

Curl request

curl -v -X PUT -H "Content-Type: application/json" -u <username>:<password> http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/lbvserver_rewritepolicy_binding -d '{ "lbvserver_rewritepolicy_binding": { "name":"<value>", "policyname":"<value>", "priority":"<value>", "gotopriorityexpression":"<value>", "bindpoint":"<value>" } }'

Sample configuration

The following curl requests implement each step for a sample setup.

  1. Create an audit message action

curl -X POST -H "Content-Type: application/json" -u nsroot:examplepassword http://192.0.0.33/nitro/v1/config/auditmessageaction -d '{ "auditmessageaction": { "name":"ADT-MSG-ACN-LOG-5XX", "loglevel":"WARNING", "stringbuilderexpr":"\"Received \" + HTTP.RES.STATUS + \" response for URL : \" + HTTP.REQ.URL.HTTP_URL_SAFE" } }'

  2. Create a rewrite policy and specify the audit message action

curl -v -X POST -H "Content-Type: application/json" -u nsroot:examplepassword http://192.0.0.33/nitro/v1/config/rewritepolicy -d '{ "rewritepolicy": { "name":"RWRT-POL-LOG-5XX", "rule":"HTTP.RES.IS_SERVER_ERROR", "action":"NOREWRITE", "logaction":"ADT-MSG-ACN-LOG-5XX" } }'

  3. Bind the rewrite policy to the load balancing virtual server

curl -v -X PUT -H "Content-Type: application/json" -u nsroot:examplepassword http://192.0.0.33/nitro/v1/config/lbvserver_rewritepolicy_binding -d '{ "lbvserver_rewritepolicy_binding": { "name":"LBVS-1", "policyname":"RWRT-POL-LOG-5XX", "priority":"100", "gotopriorityexpression":"END", "bindpoint":"RESPONSE" } }'
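
Once the sample configuration is logging, the messages can be summarized to see which URLs and status codes account for the server errors. The following Python script is an added example, not part of the Citrix documentation or product: it parses the message text defined by the sample stringbuilderexpr and counts 5xx responses per status and path. The log prefix in the sample lines and the function names are assumptions made for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Message layout produced by the sample stringbuilderexpr:
#   "Received " + HTTP.RES.STATUS + " response for URL : " + HTTP.REQ.URL.HTTP_URL_SAFE
# Assumption: the logged URL contains no whitespace or double quotes.
MSG_RE = re.compile(r'Received (?P<status>\d{3}) response for URL : (?P<url>[^\s"]+)')

# Constructed sample lines; the prefix before "Received" is made up and
# depends on how the SYSLOG/NSLOG server is configured.
SAMPLE_LOG = """\
Jan 10 10:00:01 adc1 audit: "Received 503 response for URL : /cart/checkout?id=17"
Jan 10 10:00:02 adc1 audit: "Received 502 response for URL : /api/v1/orders"
Jan 10 10:00:03 adc1 audit: "Received 503 response for URL : /cart/checkout?id=18"
Jan 10 10:00:04 adc1 audit: "Received 504 response for URL : /search?q=a%20b"
Jan 10 10:00:05 adc1 audit: some unrelated message
Jan 10 10:00:06 adc1 audit: "Received 503 response for URL : /cart/checkout?id=19"
"""


def parse_line(line):
    """Return (status, url) for a 5xx audit message, or None for anything else."""
    m = MSG_RE.search(line)
    if m is None:
        return None
    status = int(m.group("status"))
    if not 500 <= status <= 599:  # the policy rule should only fire on 5xx
        return None
    return status, m.group("url")


def summarize(lines):
    """Count 5xx messages per status and per (status, path), ignoring query strings."""
    by_status, by_path = Counter(), Counter()
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        status, url = parsed
        by_status[status] += 1
        by_path[(status, urlsplit(url).path)] += 1
    return by_status, by_path


if __name__ == "__main__":
    by_status, by_path = summarize(SAMPLE_LOG.splitlines())
    print(dict(by_status))
    for (status, path), count in by_path.most_common():
        print(f"{count:3d}  {status}  {path}")
```

Grouping by path rather than full URL keeps requests that differ only in their query string in the same bucket.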