Citrix ADC 12.1 NITRO API Reference

appflowparam

Configuration for AppFlow parameter resource.

Properties

(click to see Operations)

Name Data Type Permissions Description
templaterefresh Read-write Refresh interval, in seconds, at which to export the template data. Because data transmission is in UDP, the templates must be resent at regular intervals.
Default value: 600
Minimum value = 60
Maximum value = 3600
appnamerefresh Read-write Interval, in seconds, at which to send Appnames to the configured collectors. Appname refers to the name of an entity (virtual server, service, or service group) in the Citrix ADC.
Default value: 600
Minimum value = 60
Maximum value = 3600
flowrecordinterval Read-write Interval, in seconds, at which to send flow records to the configured collectors.
Default value: 60
Minimum value = 60
Maximum value = 3600
securityinsightrecordinterval Read-write Interval, in seconds, at which to send security insight flow records to the configured collectors.
Default value: 600
Minimum value = 60
Maximum value = 3600
udppmtu Read-write MTU, in bytes, for IPFIX UDP packets.
Default value: 1472
Minimum value = 128
Maximum value = 1472
httpurl Read-write Include the http URL that the Citrix ADC received from the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
aaausername Read-write Enable AppFlow AAA Username logging.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpcookie Read-write Include the cookie that was in the HTTP request the appliance received from the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpreferer Read-write Include the web page that was last visited by the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpmethod Read-write Include the method that was specified in the HTTP request that the appliance received from the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httphost Read-write Include the host identified in the HTTP request that the appliance received from the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpuseragent Read-write Include the client application through which the HTTP request was received by the Citrix ADC.
Default value: DISABLED
Possible values = ENABLED, DISABLED
clienttrafficonly Read-write Generate AppFlow records for only the traffic from the client.
Default value: NO
Possible values = YES, NO
httpcontenttype Read-write Include the HTTP Content-Type header sent from the server to the client to determine the type of the content sent.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpauthorization Read-write Include the HTTP Authorization header information.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpvia Read-write Include the httpVia header which contains the IP address of proxy server through which the client accessed the server.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpxforwardedfor Read-write Include the httpXForwardedFor header, which contains the original IP Address of the client using a proxy server to access the server.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httplocation Read-write Include the HTTP location headers returned from the HTTP responses.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpsetcookie Read-write Include the Set-cookie header sent from the server to the client in response to a HTTP request.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpsetcookie2 Read-write Include the Set-cookie header sent from the server to the client in response to a HTTP request.
Default value: DISABLED
Possible values = ENABLED, DISABLED
connectionchaining Read-write Enable connection chaining so that the client server flows of a connection are linked. Also the connection chain ID is propagated across Citrix ADCs, so that in a multi-hop environment the flows belonging to the same logical connection are linked. This id is also logged as part of appflow record.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpdomain Read-write Include the http domain request to be exported.
Default value: DISABLED
Possible values = ENABLED, DISABLED
skipcacheredirectionhttptransaction Read-write Skip Cache http transaction. This HTTP transaction is specific to Cache Redirection module. In Case of Cache Miss there will be another HTTP transaction initiated by the cache server.
Default value: DISABLED
Possible values = ENABLED, DISABLED
identifiername Read-write Include the stream identifier name to be exported.
Default value: DISABLED
Possible values = ENABLED, DISABLED
identifiersessionname Read-write Include the stream identifier session name to be exported.
Default value: DISABLED
Possible values = ENABLED, DISABLED
observationdomainid Read-write An observation domain groups a set of Citrix ADCs based on deployment: cluster, HA etc. A unique Observation Domain ID is required to be assigned to each such group.
Default value: 0
Minimum value = 1000
observationdomainname Read-write Name of the Observation Domain defined by the observation domain ID.
Maximum length = 127
subscriberawareness Read-write Enable this option for logging end user MSISDN in L4/L7 appflow records.
Default value: DISABLED
Possible values = ENABLED, DISABLED
subscriberidobfuscation Read-write Enable this option for obfuscating MSISDN in L4/L7 appflow records.
Default value: DISABLED
Possible values = ENABLED, DISABLED
subscriberidobfuscationalgo Read-write Algorithm(MD5 or SHA256) to be used for obfuscating MSISDN.
Default value: MD5
Possible values = MD5, SHA256
gxsessionreporting Read-write Enable this option for Gx session reporting.
Default value: DISABLED
Possible values = ENABLED, DISABLED
securityinsighttraffic Read-write Enable/disable the feature individually on appflow action.
Default value: DISABLED
Possible values = ENABLED, DISABLED
cacheinsight Read-write Flag to determine whether cache records need to be exported or not. If this flag is true and IC is enabled, cache records are exported instead of L7 HTTP records.
Default value: DISABLED
Possible values = ENABLED, DISABLED
videoinsight Read-write Enable/disable the feature individually on appflow action.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpquerywithurl Read-write Include the HTTP query segment along with the URL that the Citrix ADC received from the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
urlcategory Read-write Include the URL category record.
Default value: DISABLED
Possible values = ENABLED, DISABLED
lsnlogging Read-write On enabling this option, the Citrix ADC will send the Large Scale Nat(LSN) records to the configured collectors.
Default value: DISABLED
Possible values = ENABLED, DISABLED
cqareporting Read-write TCP CQA reporting enable/disable knob.
Default value: DISABLED
Possible values = ENABLED, DISABLED
emailaddress Read-write Enable AppFlow user email-id logging.
Default value: DISABLED
Possible values = ENABLED, DISABLED
usagerecordinterval Read-write On enabling this option, the NGS will send bandwidth usage record to configured collectors.
Default value: 0
Minimum value = 0
Maximum value = 7200
metrics Read-write Enable Citrix ADC Stats to be sent to the Telemetry Agent.
Default value: DISABLED
Possible values = ENABLED, DISABLED
events Read-write Enable Events to be sent to the Telemetry Agent.
Default value: DISABLED
Possible values = ENABLED, DISABLED
auditlogs Read-write Enable Auditlogs to be sent to the Telemetry Agent.
Default value: DISABLED
Possible values = ENABLED, DISABLED
observationpointid Read-write An observation point ID is identifier for the Citrix ADC from which appflow records are being exported. By default, the Citrix ADC IP is the observation point ID.
Minimum value = 1
distributedtracing Read-write Enable generation of the distributed tracing templates in the Appflow records.
Default value: DISABLED
Possible values = ENABLED, DISABLED
disttracingsamplingrate Read-write Sampling rate for Distributed Tracing.
Default value: 0
Minimum value = 0
Maximum value = 100
tcpattackcounterinterval Read-write Interval, in seconds, at which to send tcp attack counters to the configured collectors. If 0 is configured, the record is not sent.
Default value: 0
Minimum value = 0
Maximum value = 3600
tcpburstreporting Read-only TCP burst reporting enable/disable knob.
Default value: ENABLED
Possible values = ENABLED, DISABLED
tcpburstreportingthreshold Read-only TCP burst reporting threshold.
Default value: 1500
Minimum value = 10
Maximum value = 5000

Operations

(click to see Properties)

UPDATE UNSET GET (ALL)

Some options that you can use for each operations:

  • Getting warnings in response:NITRO allows you to get warnings in an operation by specifying the "warning" query parameter as "yes". For example, to get warnings while connecting to the Citrix ADC appliance, the URL is as follows:

    http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code "209 X-NITRO-WARNING".

  • Authenticated access for individual NITRO operations:NITRO allows you to logon to the Citrix ADC appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER:<username>

    X-NITRO-PASS:<password>

    Note:In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

*Note:*

Mandatory parameters are marked in redand placeholder content is marked in <green>.

update

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/appflowparam

HTTP Method:PUT

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:


{"appflowparam":{
"templaterefresh":<Double_value>,
"appnamerefresh":<Double_value>,
"flowrecordinterval":<Double_value>,
"securityinsightrecordinterval":<Double_value>,
"udppmtu":<Double_value>,
"httpurl":<String_value>,
"aaausername":<String_value>,
"httpcookie":<String_value>,
"httpreferer":<String_value>,
"httpmethod":<String_value>,
"httphost":<String_value>,
"httpuseragent":<String_value>,
"clienttrafficonly":<String_value>,
"httpcontenttype":<String_value>,
"httpauthorization":<String_value>,
"httpvia":<String_value>,
"httpxforwardedfor":<String_value>,
"httplocation":<String_value>,
"httpsetcookie":<String_value>,
"httpsetcookie2":<String_value>,
"connectionchaining":<String_value>,
"httpdomain":<String_value>,
"skipcacheredirectionhttptransaction":<String_value>,
"identifiername":<String_value>,
"identifiersessionname":<String_value>,
"observationdomainid":<Double_value>,
"observationdomainname":<String_value>,
"subscriberawareness":<String_value>,
"subscriberidobfuscation":<String_value>,
"subscriberidobfuscationalgo":<String_value>,
"gxsessionreporting":<String_value>,
"securityinsighttraffic":<String_value>,
"cacheinsight":<String_value>,
"videoinsight":<String_value>,
"httpquerywithurl":<String_value>,
"urlcategory":<String_value>,
"lsnlogging":<String_value>,
"cqareporting":<String_value>,
"emailaddress":<String_value>,
"usagerecordinterval":<Double_value>,
"metrics":<String_value>,
"events":<String_value>,
"auditlogs":<String_value>,
"observationpointid":<Double_value>,
"distributedtracing":<String_value>,
"disttracingsamplingrate":<Double_value>,
"tcpattackcounterinterval":<Double_value>
}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

unset

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/appflowparam?action=unset

HTTP Method:POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json

Request Payload:


{"appflowparam":{
"templaterefresh":true,
"appnamerefresh":true,
"flowrecordinterval":true,
"securityinsightrecordinterval":true,
"udppmtu":true,
"httpurl":true,
"aaausername":true,
"httpcookie":true,
"httpreferer":true,
"httpmethod":true,
"httphost":true,
"httpuseragent":true,
"clienttrafficonly":true,
"httpcontenttype":true,
"httpauthorization":true,
"httpvia":true,
"httpxforwardedfor":true,
"httplocation":true,
"httpsetcookie":true,
"httpsetcookie2":true,
"connectionchaining":true,
"httpdomain":true,
"skipcacheredirectionhttptransaction":true,
"identifiername":true,
"identifiersessionname":true,
"observationdomainid":true,
"observationdomainname":true,
"subscriberawareness":true,
"subscriberidobfuscation":true,
"subscriberidobfuscationalgo":true,
"gxsessionreporting":true,
"securityinsighttraffic":true,
"cacheinsight":true,
"videoinsight":true,
"httpquerywithurl":true,
"urlcategory":true,
"lsnlogging":true,
"cqareporting":true,
"emailaddress":true,
"usagerecordinterval":true,
"metrics":true,
"events":true,
"auditlogs":true,
"observationpointid":true,
"distributedtracing":true,
"disttracingsamplingrate":true,
"tcpattackcounterinterval":true
}}

<!--NeedCopy-->

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the error

get (all)

URL:http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/appflowparam

HTTP Method:GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json

Response:

HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for Citrix ADC specific errors). The response payload provides details of the errorResponse Headers:

Content-Type:application/json

Response Payload:


{ "appflowparam": [ {
"templaterefresh":<Double_value>,
"appnamerefresh":<Double_value>,
"flowrecordinterval":<Double_value>,
"securityinsightrecordinterval":<Double_value>,
"udppmtu":<Double_value>,
"httpurl":<String_value>,
"aaausername":<String_value>,
"httpcookie":<String_value>,
"httpreferer":<String_value>,
"httpmethod":<String_value>,
"httphost":<String_value>,
"httpuseragent":<String_value>,
"clienttrafficonly":<String_value>,
"httpcontenttype":<String_value>,
"httpauthorization":<String_value>,
"httpvia":<String_value>,
"httpxforwardedfor":<String_value>,
"httplocation":<String_value>,
"httpsetcookie":<String_value>,
"httpsetcookie2":<String_value>,
"connectionchaining":<String_value>,
"httpdomain":<String_value>,
"skipcacheredirectionhttptransaction":<String_value>,
"identifiername":<String_value>,
"identifiersessionname":<String_value>,
"observationdomainid":<Double_value>,
"observationpointid":<Double_value>,
"observationdomainname":<String_value>,
"securityinsighttraffic":<String_value>,
"subscriberawareness":<String_value>,
"subscriberidobfuscation":<String_value>,
"subscriberidobfuscationalgo":<String_value>,
"gxsessionreporting":<String_value>,
"cacheinsight":<String_value>,
"videoinsight":<String_value>,
"httpquerywithurl":<String_value>,
"tcpburstreporting":<String_value>,
"tcpburstreportingthreshold":<Double_value>,
"urlcategory":<String_value>,
"lsnlogging":<String_value>,
"cqareporting":<String_value>,
"emailaddress":<String_value>,
"usagerecordinterval":<Double_value>,
"metrics":<String_value>,
"events":<String_value>,
"auditlogs":<String_value>,
"distributedtracing":<String_value>,
"disttracingsamplingrate":<Double_value>,
"tcpattackcounterinterval":<Double_value>
}]}

<!--NeedCopy-->
appflowparam