ADC CLI Commands

audit-nslogParams

August 18, 2023

Contributed by:

The following operations can be performed on “audit-nslogParams”:

show

set

unset

show audit nslogParams

Displays the current nslog parameter settings.

Synopsis

show audit nslogParams

Arguments

Output

name Name of the nslog param.

serverIP IP address of the nslog server.

serverPort Port on which the nslog server accepts connections.

dateFormat Format of dates in the logs. Supported formats are:

MMDDYYYY - U.S. style month/date/year format.
DDMMYYYY - European style date/month/year format.
YYYYMMDD - ISO style year/month/date format.

logLevel The audit log level.

logFacility Facility value, as defined in RFC 3164, assigned to the log message. Log facility values are numbers 0 to 7 (LOCAL0 through LOCAL7). Each number indicates where a specific message originated from, such as the Citrix ADC itself, the VPN, or external.

tcp Configure auditing to log TCP messages.

acl Configure auditing to log access control list (ACL) messages.

timeZone Time zone used for date and timestamps in the logs. Supported settings are:

GMT_TIME - Coordinated Universal Time.
LOCAL_TIME - Use the server’s timezone setting.

userDefinedAuditlog Log user-configurable log messages to nslog. Setting this parameter to NO causes auditing to ignore all user-configured message actions. Setting this parameter to YES causes auditing to log user-configured message actions that meet the other logging criteria.

appflowExport Export log messages to AppFlow collectors. Appflow collectors are entities to which log messages can be sent so that some action can be performed on them.

builtin Indicates that a variable is a built-in (SYSTEM INTERNAL) type.

feature The feature to be checked while applying this config

lsn Log the LSN messages

alg Log the ALG messages

subscriberLog Log subscriber session event information

sslInterception Log SSL Interception event information

urlFiltering Log URL filtering event information

ContentInspectionLog Log Content Inspection event information

set audit nslogParams

Modifies the specified nslog parameters. Changes the IP address, the port, or the logging parameters for logs sent to nslog.

Synopsis

set audit nslogParams [-serverIP <ip_addr

ipv6_addr

*>] [-serverPort ] \[-dateFormat ] \[-logLevel ...] \[-logFacility ] \[-tcp \( NONE

ALL )] [-acl ( ENABLED

DISABLED )] [-timeZone ( GMT_TIME

LOCAL_TIME )] [-userDefinedAuditlog ( YES

NO )] [-appflowExport ( ENABLED

DISABLED )] [-lsn ( ENABLED

DISABLED )] [-alg ( ENABLED

DISABLED )] [-subscriberLog ( ENABLED

DISABLED )] [-sslInterception ( ENABLED

DISABLED )] [-urlFiltering ( ENABLED

DISABLED )] [-ContentInspectionLog ( ENABLED

DISABLED )]

Arguments

serverIP IP address of the nslog server.

serverPort Port on which the nslog server accepts connections. Minimum value: 1

dateFormat Format of dates in the logs. Supported formats are:

MMDDYYYY - U.S. style month/date/year format.
DDMMYYYY - European style date/month/year format.
YYYYMMDD - ISO style year/month/date format.

Possible values: MMDDYYYY, DDMMYYYY, YYYYMMDD

logLevel Types of information to be logged. Available settings function as follows:

ALL - All events.
EMERGENCY - Events that indicate an immediate crisis on the server.
ALERT - Events that might require action.
CRITICAL - Events that indicate an imminent server crisis.
ERROR - Events that indicate some type of error.
WARNING - Events that require action in the near future.
NOTICE - Events that the administrator should know about.
INFORMATIONAL - All but low-level events.
DEBUG - All events, in extreme detail.
NONE - No events.

Possible values: LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7

tcp Configure auditing to log TCP messages.

Possible values: NONE, ALL

acl Configure auditing to log access control list (ACL) messages.