Log transactions from a specific client in a load balancing configuration
You can log transactions from a specific client to analyse them to find any trends and metrics. This information can then be used to optimize the settings in the Citrix ADC and servers to improve efficiency in processing the client requests.
To log transactions from a specific client in a load balancing configuration, you must create an audit message action, create a rewrite policy and, associate the audit message action to the the rewrite policy. Then, you must bind the rewrite policy to the load balancing virtual server.
The Citrix ADC appliance uses the rewrite policy to identify transactions related to a specific client in a load balancing configuration. Then the appliance log these transactions in a format defined in the audit message action.
Before you begin
Before configuring a Citrix ADC appliance to log transactions from a specific client, make sure that:
-
You have deployed a Citrix ADC VPX appliance and the appliance is UP and running in your setup. For more information, see Deploy a Citrix ADC VPX instance.
- You have a basic understanding of the load balancing feature of a Citrix ADC appliance. For more information, see:
- You have already configured audit logging (SYSLOG or NSLOG) in the Citrix ADC appliance.
- Enabled
userdefinedauditlogoption in the related audit action server entity. - Bound the related audit policy to system global.
For more information about Citrix ADC audit logging, see:
- Enabled
- You have a basic understading of the Citrix ADC NITRO REST APIs. For more information, see Citrix ADC NITRO API reference.
Configuration steps
Configuring a Citrix ADC appliance to log transactions from a specific client, consists of the following steps:
- Create an audit message action
- Create a rewrite policy and specify the audit message action
- Bind the rewrite policy to the load balancing virtual server
Create an audit message action
To create an audit message action, you use the auditmessageaction NITRO API object.
For more information about the auditmessageaction object and its properties, see Citrix NITRO API reference for auditmessageaction.
Curl request
curl -X POST -H "Content-Type: application/json" -u <username>:<password> http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/auditmessageaction -d '{ "auditmessageaction": { "name":"<value>", "loglevel":"<value>", "stringbuilderexpr":"<value>" }}'
<!--NeedCopy-->
Create a rewrite policy and specify the audit message action
To create a rewrite policy and specify the audit message action, you use the rewritepolicy NITRO API object.
For more information about the rewritepolicy object and its properties, see Citrix NITRO API reference for rewritepolicy.
Curl request
curl -v -X POST -H "Content-Type: application/json" -u <username>:<password> http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/rewritepolicy -d '{ "rewritepolicy": { "name":"<value>", "rule":"<value>", "action":"<value>", "logaction":"<value>"}'
<!--NeedCopy-->
Bind the rewrite policy to the load balancing virtual server
To bind the rewrite policy to the load balancing virtual server, you use the lbvserver_rewritepolicy_binding NITRO API object.
For more information about the lbvserver_rewritepolicy_binding object and its properties, see Citrix NITRO API reference for lbvserver_rewritepolicy_binding.
Curl request
curl -v -X PUT -H "Content-Type:application/json" -u <username>:<password> http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/ lbvserver_rewritepolicy_binding -d '{ "lbvserver_rewritepolicy_binding": { "name":"<value>", "policyname":"<value>", "priority":"<value>", "gotopriorityexpression":"<value>", "bindpoint":"<value>" } }'
<!--NeedCopy-->
Sample configuration
| Steps | Curl requests |
|---|---|
| Create an audit message action | curl -X POST -H "Content-Type: application/json" -u nsroot:examplepassword http://192.0.0.33/nitro/v1/config/auditmessageaction -d '{"auditmessageaction": { "name":"ADT-MSG-ACN-LOG-CLIENT", "loglevel":"WARNING", "stringbuilderexpr":" "\"Date & Time: \"+ SYS.TIME +\" | Client IP: \"+ CLIENT.IP.SRC+\" | Client TCP Source Port: \"+CLIENT.TCP.SRCPORT+\" | Client TCP Destination Port: \"+CLIENT.TCP.DSTPORT+\" | LB VSERVER NAME: \"+HTTP.REQ.LB_VSERVER.NAME+ \" | LB VSERVER IP: \"+ CLIENT.IP.DST+\" | Server IP: \"+SERVER.IP.DST+\" | Server port: \"+ SERVER.TCP.DSTPORT +\" | HTTP Request Method: \"+ HTTP.REQ.METHOD +\" | HOSTNAME: \"+ HTTP.REQ.HOSTNAME +\" | URL: \"+ HTTP.REQ.URL +\" | Response Code: \"+ HTTP.RES.STATUS""}}' |
| Create a rewrite policy and specify the audit message action | curl -v -X POST -H "Content-Type: application/json" -u nsroot:examplepassword http://192.0.0.33/nitro/v1/config/rewritepolicy -d '{ "rewritepolicy": { "name":"RWRT-POL-LOG-CLIENT", "rule":"CLIENT.IP.SRC.EQ(192.0.29.210)", "action":"NOREWRITE", "logaction":"ADT-MSG-ACN-LOG-CLIENT"}' |
| Bind the rewrite policy to the load balancing virtual server | curl -v -X PUT -H "Content-Type:application/json" -u nsroot:examplepassword http://192.0.0.33/nitro/v1/config/ lbvserver_rewritepolicy_binding -d '{ "lbvserver_rewritepolicy_binding": { "name":"LBVS-1", "policyname":"RWRT-POL-LOG-CLIENT", "priority": "100", "gotopriorityexpression": "END", "bindpoint": "RESPONSE" } } ' |