Developer Documentation
ADC NITRO APIs
Current Release 13.1 13

appflowparam

May 23, 2024
Contributed by: 
C

Configuration for AppFlow parameter resource.

Properties

(click to see Operations )

Name Data Type Permissions Description
templaterefresh Read-write Refresh interval, in seconds, at which to export the template data. Because data transmission is in UDP, the templates must be resent at regular intervals.

Default value: 600

Minimum value = 60

Maximum value = 3600
appnamerefresh Read-write Interval, in seconds, at which to send Appnames to the configured collectors. Appname refers to the name of an entity (virtual server, service, or service group) in the Citrix ADC.

Default value: 600

Minimum value = 60

Maximum value = 3600
flowrecordinterval Read-write Interval, in seconds, at which to send flow records to the configured collectors.

Default value: 60

Minimum value = 60

Maximum value = 3600
securityinsightrecordinterval Read-write Interval, in seconds, at which to send security insight flow records to the configured collectors.

Default value: 600

Minimum value = 60

Maximum value = 3600
udppmtu Read-write MTU, in bytes, for IPFIX UDP packets.

Default value: 1472

Minimum value = 128

Maximum value = 1472
httpurl Read-write Include the http URL that the Citrix ADC received from the client.

Default value: DISABLED

Possible values = ENABLED, DISABLED
aaausername Read-write Enable AppFlow AAA Username logging.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpcookie Read-write Include the cookie that was in the HTTP request the appliance received from the client.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpreferer Read-write Include the web page that was last visited by the client.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpmethod Read-write Include the method that was specified in the HTTP request that the appliance received from the client.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httphost Read-write Include the host identified in the HTTP request that the appliance received from the client.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpuseragent Read-write Include the client application through which the HTTP request was received by the Citrix ADC.

Default value: DISABLED

Possible values = ENABLED, DISABLED
clienttrafficonly Read-write Generate AppFlow records for only the traffic from the client.

Default value: NO

Possible values = YES, NO
httpcontenttype Read-write Include the HTTP Content-Type header sent from the server to the client to determine the type of the content sent.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpauthorization Read-write Include the HTTP Authorization header information.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpvia Read-write Include the httpVia header which contains the IP address of proxy server through which the client accessed the server.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpxforwardedfor Read-write Include the httpXForwardedFor header, which contains the original IP Address of the client using a proxy server to access the server.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httplocation Read-write Include the HTTP location headers returned from the HTTP responses.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpsetcookie Read-write Include the Set-cookie header sent from the server to the client in response to a HTTP request.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpsetcookie2 Read-write Include the Set-cookie header sent from the server to the client in response to a HTTP request.

Default value: DISABLED

Possible values = ENABLED, DISABLED
connectionchaining Read-write Enable connection chaining so that the client server flows of a connection are linked. Also the connection chain ID is propagated across Citrix ADCs, so that in a multi-hop environment the flows belonging to the same logical connection are linked. This id is also logged as part of appflow record.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpdomain Read-write Include the http domain request to be exported.

Default value: DISABLED

Possible values = ENABLED, DISABLED
skipcacheredirectionhttptransaction Read-write Skip Cache http transaction. This HTTP transaction is specific to Cache Redirection module. In Case of Cache Miss there will be another HTTP transaction initiated by the cache server.

Default value: DISABLED

Possible values = ENABLED, DISABLED
identifiername Read-write Include the stream identifier name to be exported.

Default value: DISABLED

Possible values = ENABLED, DISABLED
identifiersessionname Read-write Include the stream identifier session name to be exported.

Default value: DISABLED

Possible values = ENABLED, DISABLED
observationdomainid Read-write An observation domain groups a set of Citrix ADCs based on deployment: cluster, HA etc. A unique Observation Domain ID is required to be assigned to each such group.

Default value: 0

Minimum value = 1000
observationdomainname Read-write Name of the Observation Domain defined by the observation domain ID.

Maximum length = 127
subscriberawareness Read-write Enable this option for logging end user MSISDN in L4/L7 appflow records.

Default value: DISABLED

Possible values = ENABLED, DISABLED
subscriberidobfuscation Read-write Enable this option for obfuscating MSISDN in L4/L7 appflow records.

Default value: DISABLED

Possible values = ENABLED, DISABLED
subscriberidobfuscationalgo Read-write Algorithm(MD5 or SHA256) to be used for obfuscating MSISDN.

Default value: MD5

Possible values = MD5, SHA256
gxsessionreporting Read-write Enable this option for Gx session reporting.

Default value: DISABLED

Possible values = ENABLED, DISABLED
securityinsighttraffic Read-write Enable/disable the feature individually on appflow action.

Default value: DISABLED

Possible values = ENABLED, DISABLED
cacheinsight Read-write Flag to determine whether cache records need to be exported or not. If this flag is true and IC is enabled, cache records are exported instead of L7 HTTP records.

Default value: DISABLED

Possible values = ENABLED, DISABLED
videoinsight Read-write Enable/disable the feature individually on appflow action.

Default value: DISABLED

Possible values = ENABLED, DISABLED
httpquerywithurl Read-write Include the HTTP query segment along with the URL that the Citrix ADC received from the client.

Default value: DISABLED

Possible values = ENABLED, DISABLED
urlcategory Read-write Include the URL category record.

Default value: DISABLED

Possible values = ENABLED, DISABLED
lsnlogging Read-write On enabling this option, the Citrix ADC will send the Large Scale Nat(LSN) records to the configured collectors.

Default value: DISABLED

Possible values = ENABLED, DISABLED
cqareporting Read-write TCP CQA reporting enable/disable knob.

Default value: DISABLED

Possible values = ENABLED, DISABLED
emailaddress Read-write Enable AppFlow user email-id logging.

Default value: DISABLED

Possible values = ENABLED, DISABLED
usagerecordinterval Read-write On enabling this option, the NGS will send bandwidth usage record to configured collectors.

Default value: 0

Minimum value = 0

Maximum value = 7200
websaasappusagereporting Read-write On enabling this option, NGS will send data used by Web/saas app at the end of every HTTP transaction to configured collectors.

Default value: DISABLED

Possible values = ENABLED, DISABLED
metrics Read-write Enable Citrix ADC Stats to be sent to the Telemetry Agent.

Default value: DISABLED

Possible values = ENABLED, DISABLED
events Read-write Enable Events to be sent to the Telemetry Agent.

Default value: DISABLED

Possible values = ENABLED, DISABLED
auditlogs Read-write Enable Auditlogs to be sent to the Telemetry Agent.

Default value: DISABLED

Possible values = ENABLED, DISABLED
observationpointid Read-write An observation point ID is identifier for the NetScaler from which appflow records are being exported. By default, the NetScaler IP is the observation point ID.

Minimum value = 1
distributedtracing Read-write Enable generation of the distributed tracing templates in the Appflow records.

Default value: DISABLED

Possible values = ENABLED, DISABLED
disttracingsamplingrate Read-write Sampling rate for Distributed Tracing.

Default value: 0

Minimum value = 0

Maximum value = 100
tcpattackcounterinterval Read-write Interval, in seconds, at which to send tcp attack counters to the configured collectors. If 0 is configured, the record is not sent.

Default value: 0

Minimum value = 0

Maximum value = 3600
logstreamovernsip Read-write To use the Citrix ADC IP to send Logstream records instead of the SNIP.

Default value: DISABLED

Possible values = ENABLED, DISABLED
analyticsauthtoken Read-write Authentication token to be set by the agent.

Maximum length = 256
timeseriesovernsip Read-write To use the Citrix ADC IP to send Time series data such as metrics and events, instead of the SNIP.

Default value: DISABLED

Possible values = ENABLED, DISABLED
builtin <String[]> Read-only Flag to determine if the appflow param is built-in or not.

Possible values = MODIFIABLE, DELETABLE, IMMUTABLE, PARTITION_ALL
feature Read-only The feature to be checked while applying this config.
tcpburstreporting Read-only TCP burst reporting enable/disable knob.

Default value: ENABLED

Possible values = ENABLED, DISABLED
tcpburstreportingthreshold Read-only TCP burst reporting threshold.

Default value: 1500

Minimum value = 10

Maximum value = 5000

Operations

(click to see Properties )

  • UPDATE
  • UNSET
  • GET (ALL)

Some options that you can use for each operations:

  • Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the 'warning' query parameter as 'yes'. For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:

    http:// <netscaler-ip-address> /nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code '209 X-NITRO-WARNING'.

  • Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER: <username>

    X-NITRO-PASS: <password>

    Note: In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

*Note: * Mandatory parameters are marked in red and placeholder content is marked in green

unset

URL: http:// <netscaler-ip-address> /nitro/v1/config/appflowparam? action=unset HTTP Method: POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Content-Type:application/json

Request Payload: 

{"appflowparam":{
"templaterefresh":true,
"appnamerefresh":true,
"flowrecordinterval":true,
"securityinsightrecordinterval":true,
"udppmtu":true,
"httpurl":true,
"aaausername":true,
"httpcookie":true,
"httpreferer":true,
"httpmethod":true,
"httphost":true,
"httpuseragent":true,
"clienttrafficonly":true,
"httpcontenttype":true,
"httpauthorization":true,
"httpvia":true,
"httpxforwardedfor":true,
"httplocation":true,
"httpsetcookie":true,
"httpsetcookie2":true,
"connectionchaining":true,
"httpdomain":true,
"skipcacheredirectionhttptransaction":true,
"identifiername":true,
"identifiersessionname":true,
"observationdomainid":true,
"observationdomainname":true,
"subscriberawareness":true,
"subscriberidobfuscation":true,
"subscriberidobfuscationalgo":true,
"gxsessionreporting":true,
"securityinsighttraffic":true,
"cacheinsight":true,
"videoinsight":true,
"httpquerywithurl":true,
"urlcategory":true,
"lsnlogging":true,
"cqareporting":true,
"emailaddress":true,
"usagerecordinterval":true,
"websaasappusagereporting":true,
"metrics":true,
"events":true,
"auditlogs":true,
"observationpointid":true,
"distributedtracing":true,
"disttracingsamplingrate":true,
"tcpattackcounterinterval":true,
"logstreamovernsip":true,
"analyticsauthtoken":true,
"timeseriesovernsip":true
}}

<!--NeedCopy-->

Response: HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

update

URL: http:// <netscaler-ip-address> /nitro/v1/config/appflowparam HTTP Method: PUT

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Content-Type:application/json

Request Payload: 

{"appflowparam":{
"templaterefresh":<Double_value>,
"appnamerefresh":<Double_value>,
"flowrecordinterval":<Double_value>,
"securityinsightrecordinterval":<Double_value>,
"udppmtu":<Double_value>,
"httpurl":<String_value>,
"aaausername":<String_value>,
"httpcookie":<String_value>,
"httpreferer":<String_value>,
"httpmethod":<String_value>,
"httphost":<String_value>,
"httpuseragent":<String_value>,
"clienttrafficonly":<String_value>,
"httpcontenttype":<String_value>,
"httpauthorization":<String_value>,
"httpvia":<String_value>,
"httpxforwardedfor":<String_value>,
"httplocation":<String_value>,
"httpsetcookie":<String_value>,
"httpsetcookie2":<String_value>,
"connectionchaining":<String_value>,
"httpdomain":<String_value>,
"skipcacheredirectionhttptransaction":<String_value>,
"identifiername":<String_value>,
"identifiersessionname":<String_value>,
"observationdomainid":<Double_value>,
"observationdomainname":<String_value>,
"subscriberawareness":<String_value>,
"subscriberidobfuscation":<String_value>,
"subscriberidobfuscationalgo":<String_value>,
"gxsessionreporting":<String_value>,
"securityinsighttraffic":<String_value>,
"cacheinsight":<String_value>,
"videoinsight":<String_value>,
"httpquerywithurl":<String_value>,
"urlcategory":<String_value>,
"lsnlogging":<String_value>,
"cqareporting":<String_value>,
"emailaddress":<String_value>,
"usagerecordinterval":<Double_value>,
"websaasappusagereporting":<String_value>,
"metrics":<String_value>,
"events":<String_value>,
"auditlogs":<String_value>,
"observationpointid":<Double_value>,
"distributedtracing":<String_value>,
"disttracingsamplingrate":<Double_value>,
"tcpattackcounterinterval":<Double_value>,
"logstreamovernsip":<String_value>,
"analyticsauthtoken":<String_value>,
"timeseriesovernsip":<String_value>
}}

<!--NeedCopy-->

Response: HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

get (all)

URL: http:// <netscaler-ip-address> /nitro/v1/config/appflowparam HTTP Method: GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Accept:application/json

Response: HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

Response Header:

Content-Type:application/json

Response Payload: 

{ "appflowparam": [ {
"templaterefresh":<Double_value>,
"appnamerefresh":<Double_value>,
"flowrecordinterval":<Double_value>,
"securityinsightrecordinterval":<Double_value>,
"udppmtu":<Double_value>,
"httpurl":<String_value>,
"aaausername":<String_value>,
"httpcookie":<String_value>,
"httpreferer":<String_value>,
"httpmethod":<String_value>,
"httphost":<String_value>,
"httpuseragent":<String_value>,
"clienttrafficonly":<String_value>,
"httpcontenttype":<String_value>,
"httpauthorization":<String_value>,
"httpvia":<String_value>,
"httpxforwardedfor":<String_value>,
"httplocation":<String_value>,
"httpsetcookie":<String_value>,
"httpsetcookie2":<String_value>,
"connectionchaining":<String_value>,
"httpdomain":<String_value>,
"skipcacheredirectionhttptransaction":<String_value>,
"identifiername":<String_value>,
"identifiersessionname":<String_value>,
"observationdomainid":<Double_value>,
"observationpointid":<Double_value>,
"observationdomainname":<String_value>,
"builtin":<String[]_value>,
"feature":<String_value>,
"securityinsighttraffic":<String_value>,
"subscriberawareness":<String_value>,
"subscriberidobfuscation":<String_value>,
"subscriberidobfuscationalgo":<String_value>,
"gxsessionreporting":<String_value>,
"cacheinsight":<String_value>,
"videoinsight":<String_value>,
"httpquerywithurl":<String_value>,
"tcpburstreporting":<String_value>,
"tcpburstreportingthreshold":<Double_value>,
"urlcategory":<String_value>,
"lsnlogging":<String_value>,
"cqareporting":<String_value>,
"emailaddress":<String_value>,
"usagerecordinterval":<Double_value>,
"websaasappusagereporting":<String_value>,
"metrics":<String_value>,
"events":<String_value>,
"auditlogs":<String_value>,
"distributedtracing":<String_value>,
"disttracingsamplingrate":<Double_value>,
"tcpattackcounterinterval":<Double_value>,
"logstreamovernsip":<String_value>,
"analyticsauthtoken":<String_value>,
"timeseriesovernsip":<String_value>
}]}

<!--NeedCopy-->
appflowparam
May 23, 2024
Contributed by: 
C
May 23, 2024
Contributed by: 
C

In this article

Site feedback | Your privacy choices footer linkYour Privacy Choices | Privacy and legal terms | Cookie preferences | Consent settings | docs.cloud.com
© 1999- Cloud Software Group, Inc. All rights reserved.