Download full document:

appflowparam

Configuration for AppFlow parameter resource.

Properties

(click to see Operations)

NameData TypePermissionsDescription
templaterefresh<Double>Read-writeRefresh interval, in seconds, at which to export the template data. Because data transmission is in UDP, the templates must be resent at regular intervals.
Default value: 600
Minimum value = 60
Maximum value = 3600
appnamerefresh<Double>Read-writeInterval, in seconds, at which to send Appnames to the configured collectors. Appname refers to the name of an entity (virtual server, service, or service group) in the Citrix ADC.
Default value: 600
Minimum value = 60
Maximum value = 3600
flowrecordinterval<Double>Read-writeInterval, in seconds, at which to send flow records to the configured collectors.
Default value: 60
Minimum value = 60
Maximum value = 3600
securityinsightrecordinterval<Double>Read-writeInterval, in seconds, at which to send security insight flow records to the configured collectors.
Default value: 600
Minimum value = 60
Maximum value = 3600
udppmtu<Double>Read-writeMTU, in bytes, for IPFIX UDP packets.
Default value: 1472
Minimum value = 128
Maximum value = 1472
httpurl<String>Read-writeInclude the http URL that the Citrix ADC received from the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
aaausername<String>Read-writeEnable AppFlow AAA Username logging.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpcookie<String>Read-writeInclude the cookie that was in the HTTP request the appliance received from the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpreferer<String>Read-writeInclude the web page that was last visited by the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpmethod<String>Read-writeInclude the method that was specified in the HTTP request that the appliance received from the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httphost<String>Read-writeInclude the host identified in the HTTP request that the appliance received from the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpuseragent<String>Read-writeInclude the client application through which the HTTP request was received by the Citrix ADC.
Default value: DISABLED
Possible values = ENABLED, DISABLED
clienttrafficonly<String>Read-writeGenerate AppFlow records for only the traffic from the client.
Default value: NO
Possible values = YES, NO
httpcontenttype<String>Read-writeInclude the HTTP Content-Type header sent from the server to the client to determine the type of the content sent.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpauthorization<String>Read-writeInclude the HTTP Authorization header information.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpvia<String>Read-writeInclude the httpVia header which contains the IP address of proxy server through which the client accessed the server.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpxforwardedfor<String>Read-writeInclude the httpXForwardedFor header, which contains the original IP Address of the client using a proxy server to access the server.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httplocation<String>Read-writeInclude the HTTP location headers returned from the HTTP responses.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpsetcookie<String>Read-writeInclude the Set-cookie header sent from the server to the client in response to a HTTP request.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpsetcookie2<String>Read-writeInclude the Set-cookie header sent from the server to the client in response to a HTTP request.
Default value: DISABLED
Possible values = ENABLED, DISABLED
connectionchaining<String>Read-writeEnable connection chaining so that the client server flows of a connection are linked. Also the connection chain ID is propagated across Citrix ADCs, so that in a multi-hop environment the flows belonging to the same logical connection are linked. This id is also logged as part of appflow record.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpdomain<String>Read-writeInclude the http domain request to be exported.
Default value: DISABLED
Possible values = ENABLED, DISABLED
skipcacheredirectionhttptransaction<String>Read-writeSkip Cache http transaction. This HTTP transaction is specific to Cache Redirection module. In Case of Cache Miss there will be another HTTP transaction initiated by the cache server.
Default value: DISABLED
Possible values = ENABLED, DISABLED
identifiername<String>Read-writeInclude the stream identifier name to be exported.
Default value: DISABLED
Possible values = ENABLED, DISABLED
identifiersessionname<String>Read-writeInclude the stream identifier session name to be exported.
Default value: DISABLED
Possible values = ENABLED, DISABLED
observationdomainid<Double>Read-writeAn observation domain groups a set of Citrix ADCs based on deployment: cluster, HA etc. A unique Observation Domain ID is required to be assigned to each such group.
Default value: 0
Minimum value = 1000
observationdomainname<String>Read-writeName of the Observation Domain defined by the observation domain ID.
Maximum length = 127
subscriberawareness<String>Read-writeEnable this option for logging end user MSISDN in L4/L7 appflow records.
Default value: DISABLED
Possible values = ENABLED, DISABLED
subscriberidobfuscation<String>Read-writeEnable this option for obfuscating MSISDN in L4/L7 appflow records.
Default value: DISABLED
Possible values = ENABLED, DISABLED
gxsessionreporting<String>Read-writeEnable this option for Gx session reporting.
Default value: DISABLED
Possible values = ENABLED, DISABLED
securityinsighttraffic<String>Read-writeEnable/disable the feature individually on appflow action.
Default value: DISABLED
Possible values = ENABLED, DISABLED
cacheinsight<String>Read-writeFlag to determine whether cache records need to be exported or not. If this flag is true and IC is enabled, cache records are exported instead of L7 HTTP records.
Default value: DISABLED
Possible values = ENABLED, DISABLED
videoinsight<String>Read-writeEnable/disable the feature individually on appflow action.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpquerywithurl<String>Read-writeInclude the HTTP query segment along with the URL that the Citrix ADC received from the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
urlcategory<String>Read-writeInclude the URL category record.
Default value: DISABLED
Possible values = ENABLED, DISABLED
lsnlogging<String>Read-writeOn enabling this option, the Citrix ADC will send the Large Scale Nat(LSN) records to the configured collectors.
Default value: DISABLED
Possible values = ENABLED, DISABLED
cqareporting<String>Read-writeTCP CQA reporting enable/disable knob.
Default value: DISABLED
Possible values = ENABLED, DISABLED
emailaddress<String>Read-writeEnable AppFlow user email-id logging.
Default value: DISABLED
Possible values = ENABLED, DISABLED
metrics<String>Read-writeEnable Citrix ADC Stats to be sent to the Telemetry Agent.
Default value: DISABLED
Possible values = ENABLED, DISABLED
events<String>Read-writeEnable Events to be sent to the Telemetry Agent.
Default value: DISABLED
Possible values = ENABLED, DISABLED
auditlogs<String>Read-writeEnable Auditlogs to be sent to the Telemetry Agent.
Default value: DISABLED
Possible values = ENABLED, DISABLED
observationpointid<Double>Read-writeAn observation point ID is identifier for the NetScaler from which appflow records are being exported. By default, the NetScaler IP is the observation point ID.
Minimum value = 1
builtin<String[]>Read-onlyFlag to determine if the appflow param is built-in or not.
Possible values = MODIFIABLE, DELETABLE, IMMUTABLE, PARTITION_ALL
tcpburstreporting<String>Read-onlyTCP burst reporting enable/disable knob.
Default value: ENABLED
Possible values = ENABLED, DISABLED
tcpburstreportingthreshold<Double>Read-onlyTCP burst reporting threshold.
Default value: 1500
Minimum value = 10
Maximum value = 5000

Operations

(click to see Properties)

UPDATE| UNSET| GET (ALL)

Some options that you can use for each operations:

  • Getting warnings in response:NITRO allows you to get warnings in an operation by specifying the "warning" query parameter as "yes". For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:

    http://<netscaler-ip-address>/nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code "209 X-NITRO-WARNING".

  • Authenticated access for individual NITRO operations:NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER:<username>

    X-NITRO-PASS:<password>

    Note:In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

Note:

Mandatory parameters are marked in redand placeholder content is marked in <green>.

update

URL:http://<netscaler-ip-address>/nitro/v1/config/appflowparam

HTTP Method:PUT

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"appflowparam":{
"templaterefresh":<Double_value>,
"appnamerefresh":<Double_value>,
"flowrecordinterval":<Double_value>,
"securityinsightrecordinterval":<Double_value>,
"udppmtu":<Double_value>,
"httpurl":<String_value>,
"aaausername":<String_value>,
"httpcookie":<String_value>,
"httpreferer":<String_value>,
"httpmethod":<String_value>,
"httphost":<String_value>,
"httpuseragent":<String_value>,
"clienttrafficonly":<String_value>,
"httpcontenttype":<String_value>,
"httpauthorization":<String_value>,
"httpvia":<String_value>,
"httpxforwardedfor":<String_value>,
"httplocation":<String_value>,
"httpsetcookie":<String_value>,
"httpsetcookie2":<String_value>,
"connectionchaining":<String_value>,
"httpdomain":<String_value>,
"skipcacheredirectionhttptransaction":<String_value>,
"identifiername":<String_value>,
"identifiersessionname":<String_value>,
"observationdomainid":<Double_value>,
"observationdomainname":<String_value>,
"subscriberawareness":<String_value>,
"subscriberidobfuscation":<String_value>,
"gxsessionreporting":<String_value>,
"securityinsighttraffic":<String_value>,
"cacheinsight":<String_value>,
"videoinsight":<String_value>,
"httpquerywithurl":<String_value>,
"urlcategory":<String_value>,
"lsnlogging":<String_value>,
"cqareporting":<String_value>,
"emailaddress":<String_value>,
"metrics":<String_value>,
"events":<String_value>,
"auditlogs":<String_value>,
"observationpointid":<Double_value>
}}

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

unset

URL:http://<netscaler-ip-address>/nitro/v1/config/appflowparam?action=unset

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:

{"appflowparam":{
"templaterefresh":true,
"appnamerefresh":true,
"flowrecordinterval":true,
"securityinsightrecordinterval":true,
"udppmtu":true,
"httpurl":true,
"aaausername":true,
"httpcookie":true,
"httpreferer":true,
"httpmethod":true,
"httphost":true,
"httpuseragent":true,
"clienttrafficonly":true,
"httpcontenttype":true,
"httpauthorization":true,
"httpvia":true,
"httpxforwardedfor":true,
"httplocation":true,
"httpsetcookie":true,
"httpsetcookie2":true,
"connectionchaining":true,
"httpdomain":true,
"skipcacheredirectionhttptransaction":true,
"identifiername":true,
"identifiersessionname":true,
"observationdomainid":true,
"observationdomainname":true,
"subscriberawareness":true,
"subscriberidobfuscation":true,
"gxsessionreporting":true,
"securityinsighttraffic":true,
"cacheinsight":true,
"videoinsight":true,
"httpquerywithurl":true,
"urlcategory":true,
"lsnlogging":true,
"cqareporting":true,
"emailaddress":true,
"metrics":true,
"events":true,
"auditlogs":true,
"observationpointid":true
}}

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

get (all)

URL:http://<netscaler-ip-address>/nitro/v1/config/appflowparam

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:

{ "appflowparam": [ {
"templaterefresh":<Double_value>,
"appnamerefresh":<Double_value>,
"flowrecordinterval":<Double_value>,
"securityinsightrecordinterval":<Double_value>,
"udppmtu":<Double_value>,
"httpurl":<String_value>,
"aaausername":<String_value>,
"httpcookie":<String_value>,
"httpreferer":<String_value>,
"httpmethod":<String_value>,
"httphost":<String_value>,
"httpuseragent":<String_value>,
"clienttrafficonly":<String_value>,
"httpcontenttype":<String_value>,
"httpauthorization":<String_value>,
"httpvia":<String_value>,
"httpxforwardedfor":<String_value>,
"httplocation":<String_value>,
"httpsetcookie":<String_value>,
"httpsetcookie2":<String_value>,
"connectionchaining":<String_value>,
"httpdomain":<String_value>,
"skipcacheredirectionhttptransaction":<String_value>,
"identifiername":<String_value>,
"identifiersessionname":<String_value>,
"observationdomainid":<Double_value>,
"observationpointid":<Double_value>,
"observationdomainname":<String_value>,
"builtin":<String[]_value>,
"securityinsighttraffic":<String_value>,
"subscriberawareness":<String_value>,
"subscriberidobfuscation":<String_value>,
"gxsessionreporting":<String_value>,
"cacheinsight":<String_value>,
"videoinsight":<String_value>,
"httpquerywithurl":<String_value>,
"tcpburstreporting":<String_value>,
"tcpburstreportingthreshold":<Double_value>,
"urlcategory":<String_value>,
"lsnlogging":<String_value>,
"cqareporting":<String_value>,
"emailaddress":<String_value>,
"metrics":<String_value>,
"events":<String_value>,
"auditlogs":<String_value>
}]}