ADC NITRO APIs

auditsyslogaction

May 23, 2024

Contributed by:

Configuration for system log action resource.

Properties

(click to see Operations )

Name	Data Type	Permissions	Description
name		Read-write	Name of the syslog action. Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) pound (#), space ( ), at (@), equals (=), colon (:), and underscore characters. Cannot be changed after the syslog action is added. The following requirement applies only to the Citrix ADC CLI If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, “my syslog action” or ‘my syslog action’). Minimum length = 1
serverip		Read-write	IP address of the syslog server. Minimum length = 1
serverdomainname		Read-write	SYSLOG server name as a FQDN. Mutually exclusive with serverIP/lbVserverName. Minimum length = 1 Maximum length = 255
domainresolveretry		Read-write	Time, in seconds, for which the Citrix ADC waits before sending another DNS query to resolve the host name of the syslog server if the last query failed. Default value: 5 Minimum value = 5 Maximum value = 20939
lbvservername		Read-write	Name of the LB vserver. Mutually exclusive with syslog serverIP/serverName. Minimum length = 1 Maximum length = 127
serverport		Read-write	Port on which the syslog server accepts connections. Minimum value = 1
loglevel	<String[]>	Read-write	Audit log level, which specifies the types of events to log. Available values function as follows ALL - All events. EMERGENCY - Events that indicate an immediate crisis on the server. ALERT - Events that might require action. CRITICAL - Events that indicate an imminent server crisis. ERROR - Events that indicate some type of error. WARNING - Events that require action in the near future. NOTICE - Events that the administrator should know about. INFORMATIONAL - All but low-level events. DEBUG - All events, in extreme detail. NONE - No events. Possible values = ALL, EMERGENCY, ALERT, CRITICAL, ERROR, WARNING, NOTICE, INFORMATIONAL, DEBUG, NONE
managementlog	<String[]>	Read-write	Management log specifies the categories of log files to be exported. It use destination and transport from PE params. Available values function as follows ALL - All categories (SHELL, NSMGMT and ACCESS). SHELL - bash.log, and sh.log. ACCESS - auth.log, nsvpn.log, vpndebug.log, httpaccess.log, httperror.log, httpaccess-vpn.log and httperror-vpn.log. NSMGMT - notice.log and ns.log. NONE - No logs. Possible values = ALL, SHELL, ACCESS, NSMGMT, NONE
mgmtloglevel	<String[]>	Read-write	Management log level, which specifies the types of events to log. Available values function as follows ALL - All events. EMERGENCY - Events that indicate an immediate crisis on the server. ALERT - Events that might require action. CRITICAL - Events that indicate an imminent server crisis. ERROR - Events that indicate some type of error. WARNING - Events that require action in the near future. NOTICE - Events that the administrator should know about. INFORMATIONAL - All but low-level events. DEBUG - All events, in extreme detail. NONE - No events. Possible values = ALL, EMERGENCY, ALERT, CRITICAL, ERROR, WARNING, NOTICE, INFORMATIONAL, DEBUG, NONE
dateformat		Read-write	Format of dates in the logs. Supported formats are MMDDYYYY. -U.S. style month/date/year format. DDMMYYYY - European style date/month/year format. YYYYMMDD - ISO style year/month/date format. Possible values = MMDDYYYY, DDMMYYYY, YYYYMMDD
logfacility		Read-write	Facility value, as defined in RFC 3164, assigned to the log message. Log facility values are numbers 0 to 7 (LOCAL0 through LOCAL7). Each number indicates where a specific message originated from, such as the Citrix ADC itself, the VPN, or external. Possible values = LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7
tcp		Read-write	Log TCP messages. Possible values = NONE, ALL
acl		Read-write	Log access control list (ACL) messages. Possible values = ENABLED, DISABLED
timezone		Read-write	Time zone used for date and timestamps in the logs. Supported settings are GMT_TIME. Coordinated Universal time. LOCAL_TIME. Use the server’s timezone setting. Possible values = GMT_TIME, LOCAL_TIME
userdefinedauditlog		Read-write	Log user-configurable log messages to syslog. Setting this parameter to NO causes auditing to ignore all user-configured message actions. Setting this parameter to YES causes auditing to log user-configured message actions that meet the other logging criteria. Possible values = YES, NO
appflowexport		Read-write	Export log messages to AppFlow collectors. Appflow collectors are entities to which log messages can be sent so that some action can be performed on them. Possible values = ENABLED, DISABLED
lsn		Read-write	Log lsn info. Possible values = ENABLED, DISABLED
alg		Read-write	Log alg info. Possible values = ENABLED, DISABLED
subscriberlog		Read-write	Log subscriber session event information. Possible values = ENABLED, DISABLED
transport		Read-write	Transport type used to send auditlogs to syslog server. Default type is UDP. Possible values = TCP, UDP
tcpprofilename		Read-write	Name of the TCP profile whose settings are to be applied to the audit server info to tune the TCP connection parameters. Minimum length = 1 Maximum length = 127
maxlogdatasizetohold		Read-write	Max size of log data that can be held in NSB chain of server info. Default value: 500 Minimum value = 50 Maximum value = 25600
dns		Read-write	Log DNS related syslog messages. Possible values = ENABLED, DISABLED
contentinspectionlog		Read-write	Log Content Inspection event information. Possible values = ENABLED, DISABLED
netprofile		Read-write	Name of the network profile. The SNIP configured in the network profile will be used as source IP while sending log messages. Minimum length = 1 Maximum length = 127
sslinterception		Read-write	Log SSL Interception event information. Possible values = ENABLED, DISABLED
urlfiltering		Read-write	Log URL filtering event information. Possible values = ENABLED, DISABLED
domainresolvenow		Read-write	Immediately send a DNS query to resolve the server’s domain name.
ip		Read-only	The resolved IP address of the syslog server.
builtin	<String[]>	Read-only	Indicates that a variable is a built-in (SYSTEM INTERNAL) type. Possible values = MODIFIABLE, DELETABLE, IMMUTABLE, PARTITION_ALL
feature		Read-only	The feature to be checked while applying this config.
__count		Read-only	count parameter

Operations

(click to see Properties )

ADD
DELETE
UPDATE
UNSET
GET (ALL)
GET
COUNT

Some options that you can use for each operations:

Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the 'warning' query parameter as 'yes'. For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:

http:// <netscaler-ip-address> /nitro/v1/config/login?warning=yes

If any, the warnings are displayed in the response payload with the HTTP code '209 X-NITRO-WARNING'.
Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

To do this, you must specify the username and password in the request header of the NITRO request as follows:

X-NITRO-USER: <username>

X-NITRO-PASS: <password>

Note: In such cases, make sure that the request header DOES not include the following:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

*Note:* Mandatory parameters are marked in red and placeholder content is marked in green

unset

URL: http:// <netscaler-ip-address> /nitro/v1/config/auditsyslogaction? action=unset HTTP Method: POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Content-Type:application/json

Request Payload:

{"auditsyslogaction":{
<b>"name":<String_value>,
</b>"serverport":true,
"loglevel":true,
"dateformat":true,
"logfacility":true,
"tcp":true,
"acl":true,
"timezone":true,
"userdefinedauditlog":true,
"appflowexport":true,
"lsn":true,
"alg":true,
"subscriberlog":true,
"tcpprofilename":true,
"maxlogdatasizetohold":true,
"dns":true,
"contentinspectionlog":true,
"netprofile":true,
"sslinterception":true,
"urlfiltering":true,
"managementlog":true,
"mgmtloglevel":true
}}

<!--NeedCopy-->

Response: HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

delete

URL: http:// <netscaler-ip-address> /nitro/v1/config/auditsyslogaction/ name_value<String> HTTP Method: DELETE

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Response: HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

update

URL: http:// <netscaler-ip-address> /nitro/v1/config/auditsyslogaction HTTP Method: PUT

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Content-Type:application/json

Request Payload:

{"auditsyslogaction":{
<b>"name":<String_value>,
</b>"serverip":<String_value>,
"serverdomainname":<String_value>,
"lbvservername":<String_value>,
"domainresolveretry":<Integer_value>,
"domainresolvenow":<Boolean_value>,
"serverport":<Integer_value>,
"loglevel":<String[]_value>,
"managementlog":<String[]_value>,
"mgmtloglevel":<String[]_value>,
"dateformat":<String_value>,
"logfacility":<String_value>,
"tcp":<String_value>,
"acl":<String_value>,
"timezone":<String_value>,
"userdefinedauditlog":<String_value>,
"appflowexport":<String_value>,
"lsn":<String_value>,
"alg":<String_value>,
"subscriberlog":<String_value>,
"tcpprofilename":<String_value>,
"maxlogdatasizetohold":<Double_value>,
"dns":<String_value>,
"contentinspectionlog":<String_value>,
"netprofile":<String_value>,
"sslinterception":<String_value>,
"urlfiltering":<String_value>
}}

<!--NeedCopy-->

Response: HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

add

URL: http:// <netscaler-ip-address> /nitro/v1/config/auditsyslogaction HTTP Method: POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Content-Type:application/json

Request Payload:

{"auditsyslogaction":{
<b>"name":<String_value>,
</b>"serverip":<String_value>,
"serverdomainname":<String_value>,
"domainresolveretry":<Integer_value>,
"lbvservername":<String_value>,
"serverport":<Integer_value>,
<b>"loglevel":<String[]_value>,
</b>"managementlog":<String[]_value>,
"mgmtloglevel":<String[]_value>,
"dateformat":<String_value>,
"logfacility":<String_value>,
"tcp":<String_value>,
"acl":<String_value>,
"timezone":<String_value>,
"userdefinedauditlog":<String_value>,
"appflowexport":<String_value>,
"lsn":<String_value>,
"alg":<String_value>,
"subscriberlog":<String_value>,
"transport":<String_value>,
"tcpprofilename":<String_value>,
"maxlogdatasizetohold":<Double_value>,
"dns":<String_value>,
"contentinspectionlog":<String_value>,
"netprofile":<String_value>,
"sslinterception":<String_value>,
"urlfiltering":<String_value>
}}

<!--NeedCopy-->

Response: HTTP Status Code on Success: 201 Created

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

get (all)

URL: http:// <netscaler-ip-address> /nitro/v1/config/auditsyslogaction Query-parameters: attrs http:// <netscaler-ip-address> /nitro/v1/config/auditsyslogaction? attrs=property-name1,property-name2

Use this query parameter to specify the resource details that you want to retrieve.

filter http:// <netscaler-ip-address> /nitro/v1/config/auditsyslogaction? filter=property-name1:property-val1,property-name2:property-val2

Use this query-parameter to get the filtered set of auditsyslogaction resources configured on NetScaler.Filtering can be done on any of the properties of the resource.

view http:// <netscaler-ip-address> /nitro/v1/config/auditsyslogaction? view=summary

Use this query-parameter to get the summary output of auditsyslogaction resources configured on NetScaler.

Note: By default, the retrieved results are displayed in detail view (?view=detail).

pagination http:// <netscaler-ip-address> /nitro/v1/config/auditsyslogaction? pagesize=#no;pageno=#no

Use this query-parameter to get the auditsyslogaction resources in chunks.

HTTP Method: GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Accept:application/json

Response: HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

Response Header:

Content-Type:application/json

Response Payload:

{ "auditsyslogaction": [ {
"name":<String_value>,
"serverip":<String_value>,
"serverdomainname":<String_value>,
"ip":<String_value>,
"lbvservername":<String_value>,
"domainresolveretry":<Integer_value>,
"domainresolvenow":<Boolean_value>,
"serverport":<Integer_value>,
"loglevel":<String[]_value>,
"managementlog":<String[]_value>,
"mgmtloglevel":<String[]_value>,
"dateformat":<String_value>,
"logfacility":<String_value>,
"tcp":<String_value>,
"acl":<String_value>,
"timezone":<String_value>,
"userdefinedauditlog":<String_value>,
"appflowexport":<String_value>,
"builtin":<String[]_value>,
"feature":<String_value>,
"lsn":<String_value>,
"alg":<String_value>,
"subscriberlog":<String_value>,
"transport":<String_value>,
"tcpprofilename":<String_value>,
"maxlogdatasizetohold":<Double_value>,
"dns":<String_value>,
"netprofile":<String_value>,
"sslinterception":<String_value>,
"urlfiltering":<String_value>,
"contentinspectionlog":<String_value>
}]}

<!--NeedCopy-->

get

URL: http:// <netscaler-ip-address> /nitro/v1/config/auditsyslogaction/ name_value<String> Query-parameters: attrs http:// <netscaler-ip-address> /nitro/v1/config/auditsyslogaction/ name_value<String> ? attrs=property-name1,property-name2

Use this query parameter to specify the resource details that you want to retrieve.

view http:// <netscaler-ip-address> /nitro/v1/config/auditsyslogaction/ name_value<String> ? view=summary

Use this query-parameter to get the summary output of auditsyslogaction resources configured on NetScaler.

Note: By default, the retrieved results are displayed in detail view (?view=detail).

HTTP Method: GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Accept:application/json

Response: HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

Response Header:

Content-Type:application/json

Response Payload:

{  "auditsyslogaction": [ {
"name":<String_value>,
"serverip":<String_value>,
"serverdomainname":<String_value>,
"ip":<String_value>,
"lbvservername":<String_value>,
"domainresolveretry":<Integer_value>,
"domainresolvenow":<Boolean_value>,
"serverport":<Integer_value>,
"loglevel":<String[]_value>,
"managementlog":<String[]_value>,
"mgmtloglevel":<String[]_value>,
"dateformat":<String_value>,
"logfacility":<String_value>,
"tcp":<String_value>,
"acl":<String_value>,
"timezone":<String_value>,
"userdefinedauditlog":<String_value>,
"appflowexport":<String_value>,
"builtin":<String[]_value>,
"feature":<String_value>,
"lsn":<String_value>,
"alg":<String_value>,
"subscriberlog":<String_value>,
"transport":<String_value>,
"tcpprofilename":<String_value>,
"maxlogdatasizetohold":<Double_value>,
"dns":<String_value>,
"netprofile":<String_value>,
"sslinterception":<String_value>,
"urlfiltering":<String_value>,
"contentinspectionlog":<String_value>
}]}

<!--NeedCopy-->

count

URL: http:// <netscaler-ip-address> /nitro/v1/config/auditsyslogaction? count=yes HTTP Method: GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Accept:application/json

Response: HTTP Status Code on Success: 200 OK

HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

Response Header:

Content-Type:application/json

Response Payload:

{ "auditsyslogaction": [ { "__count": "#no"} ] }

<!--NeedCopy-->

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

auditsyslogaction

May 23, 2024

Contributed by:

May 23, 2024

Contributed by:

auditsyslogaction

Properties

Operations

unset

delete

update

add

get (all)

get

count

In this article