Log transactions from a specific client in a load balancing configuration

You can log transactions from a specific client to analyse them to find any trends and metrics. This information can then be used to optimize the settings in the Citrix ADC and servers to improve efficiency in processing the client requests.

To log transactions from a specific client in a load balancing configuration, you must create an audit message action, create a rewrite policy and, associate the audit message action to the the rewrite policy. Then, you must bind the rewrite policy to the load balancing virtual server.

The Citrix ADC appliance uses the rewrite policy to identify transactions related to a specific client in a load balancing configuration. Then the appliance log these transactions in a format defined in the audit message action.

Before you begin

Before configuring a Citrix ADC appliance to log transactions from a specific client, make sure that:

Configuration steps

Configuring a Citrix ADC appliance to log transactions from a specific client, consists of the following steps:

  1. Create an audit message action
  2. Create a rewrite policy and specify the audit message action
  3. Bind the rewrite policy to the load balancing virtual server

Create an audit message action

To create an audit message action, you use the auditmessageaction NITRO API object.

For more information about the auditmessageaction object and its properties, see Citrix NITRO API reference for auditmessageaction.

Curl request

curl -X POST -H "Content-Type: application/json" -u <username>:<password> http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/auditmessageaction -d '{ "auditmessageaction": { "name":"<value>", "loglevel":"<value>", "stringbuilderexpr":"<value>" }}'

Create a rewrite policy and specify the audit message action

To create a rewrite policy and specify the audit message action, you use the rewritepolicy NITRO API object.

For more information about the rewritepolicy object and its properties, see Citrix NITRO API reference for rewritepolicy.

Curl request

curl -v -X POST -H "Content-Type: application/json" -u <username>:<password> http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/rewritepolicy -d '{ "rewritepolicy": { "name":"<value>", "rule":"<value>", "action":"<value>", "logaction":"<value>"}'

Bind the rewrite policy to the load balancing virtual server

To bind the rewrite policy to the load balancing virtual server, you use the lbvserver_rewritepolicy_binding NITRO API object.

For more information about the lbvserver_rewritepolicy_binding object and its properties, see Citrix NITRO API reference for lbvserver_rewritepolicy_binding.

Curl request

curl -v -X PUT -H "Content-Type:application/json" -u <username>:<password> http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/ lbvserver_rewritepolicy_binding -d '{ "lbvserver_rewritepolicy_binding": { "name":"<value>", "policyname":"<value>", "priority":"<value>", "gotopriorityexpression":"<value>", "bindpoint":"<value>" } }'

Sample configuration

Steps Curl requests
Create an audit message action curl -X POST -H "Content-Type: application/json" -u nsroot:examplepassword http://192.0.0.33/nitro/v1/config/auditmessageaction -d '{"auditmessageaction": { "name":"ADT-MSG-ACN-LOG-CLIENT", "loglevel":"WARNING", "stringbuilderexpr":" "\"Date & Time: \"+ SYS.TIME +\" | Client IP: \"+ CLIENT.IP.SRC+\" | Client TCP Source Port: \"+CLIENT.TCP.SRCPORT+\" | Client TCP Destination Port: \"+CLIENT.TCP.DSTPORT+\" | LB VSERVER NAME: \"+HTTP.REQ.LB_VSERVER.NAME+ \" | LB VSERVER IP: \"+ CLIENT.IP.DST+\" | Server IP: \"+SERVER.IP.DST+\" | Server port: \"+ SERVER.TCP.DSTPORT +\" | HTTP Request Method: \"+ HTTP.REQ.METHOD +\" | HOSTNAME: \"+ HTTP.REQ.HOSTNAME +\" | URL: \"+ HTTP.REQ.URL +\" | Response Code: \"+ HTTP.RES.STATUS""}}'
Create a rewrite policy and specify the audit message action curl -v -X POST -H "Content-Type: application/json" -u nsroot:examplepassword http://192.0.0.33/nitro/v1/config/rewritepolicy -d '{ "rewritepolicy": { "name":"RWRT-POL-LOG-CLIENT", "rule":"CLIENT.IP.SRC.EQ(192.0.29.210)", "action":"NOREWRITE", "logaction":"ADT-MSG-ACN-LOG-CLIENT"}'
Bind the rewrite policy to the load balancing virtual server curl -v -X PUT -H "Content-Type:application/json" -u nsroot:examplepassword http://192.0.0.33/nitro/v1/config/ lbvserver_rewritepolicy_binding -d '{ "lbvserver_rewritepolicy_binding": { "name":"LBVS-1", "policyname":"RWRT-POL-LOG-CLIENT", "priority": "100", "gotopriorityexpression": "END", "bindpoint": "RESPONSE" } } '
Log transactions from a specific client in a load balancing configuration