audit
Statistics for audit.
Properties
(click to see Operations )
Name | Data Type | Permissions | Description |
---|---|---|---|
clearstats |
|
Read-write | Clear the statsistics / counters.
Possible values = basic, full |
auditsyslogmsgsent |
|
Read-only | Syslog messages sent to the syslog server(s) over UDP. |
auditsyslogmsgsentrate |
|
Read-only | Rate (/s) counter for auditsyslogmsgsent |
auditsyslogmsggen |
|
Read-only | Syslog messages about to be sent to the syslog server. |
auditsyslogmsggenrate |
|
Read-only | Rate (/s) counter for auditsyslogmsggen |
auditsyslogmsgsenttcp |
|
Read-only | Syslog messages sent to the syslog server(s) over TCP. |
auditsyslogmsgsenttcprate |
|
Read-only | Rate (/s) counter for auditsyslogmsgsenttcp |
auditnsballocfail |
|
Read-only | NAT allocation failed. |
auditnsballocfailrate |
|
Read-only | Rate (/s) counter for auditnsballocfail |
auditlog32errsyslogallocnsbfail |
|
Read-only | Nsb allocation failed. |
auditlog32errsyslogallocnsbfailrate |
|
Read-only | Rate (/s) counter for auditlog32errsyslogallocnsbfail |
auditmemallocfail |
|
Read-only | Failures in allocation of Access Gateway context structure. When an Access Gateway session is established, the Citrix ADC creates an internal context structure , which identifies the user and the IP address from which the user has logged in. |
auditmemallocfailrate |
|
Read-only | Rate (/s) counter for auditmemallocfail |
auditportallocfail |
|
Read-only | Number of times the Citrix ADC failed to allocate a port when sending a syslog message to the syslog server(s). |
auditportallocfailrate |
|
Read-only | Rate (/s) counter for auditportallocfail |
auditcontextnotfound |
|
Read-only | Failures in finding the context structure for an Access Gateway session during attempts to send session-specific audit messages.During an Access Gateway session, audit messages related to the session are queued up in the auditlog buffer for transmission to the audit log server(s). If the session is killed before the messages are sent, the context structure allocated at session creation is removed. This structure is needed for sending the queued auditlog messages. If it is not found, this counter is incremented. |
auditcontextnotfoundrate |
|
Read-only | Rate (/s) counter for auditcontextnotfound |
nsbchainallocfail |
|
Read-only | Nsb Chain allocation failed. |
nsbchainallocfailrate |
|
Read-only | Rate (/s) counter for nsbchainallocfail |
clientconnfail |
|
Read-only | Failures in establishment of a connection between the Citrix ADC and the auditserver tool (the Citrix ADC’s custom logging tool). |
clientconnfailrate |
|
Read-only | Rate (/s) counter for clientconnfail |
flushcmdcnt |
|
Read-only | Auditlog buffer flushes. In a multiprocessor Citrix ADC, both the main processor and the co-processor can generate auditlog messages and fill up the auditlog buffers. But only the primary processor can free up the buffers by sending auditlog messages to the auditlog server(s). The number of auditlog buffers is fixed. If the co-processor detects that all the auditlog buffers are full, it issues a flush command to the main processor. |
flushcmdcntrate |
|
Read-only | Rate (/s) counter for flushcmdcnt |
systcpconnfail |
|
Read-only | Failures in establishment of a connection between the Citrix ADC and the syslog server. |
systcpconnfailrate |
|
Read-only | Rate (/s) counter for systcpconnfail |
logunsentlbsys |
|
Read-only | Total auditlog messages which are not delivered to load balanced syslog servers |
logunsentlbsysrate |
|
Read-only | Rate (/s) counter for logunsentlbsys |
logsdropped |
|
Read-only | Total number of log messages dropped by Citrix ADC after max hold limit is reached |
logsdroppedrate |
|
Read-only | Rate (/s) counter for logsdropped |
logsdroppedtxminnsbs |
|
Read-only | Total number of log messages dropped by Citrix ADC when NSBQ length is less than TX min NSBs |
logsdroppedtxminnsbsrate |
|
Read-only | Rate (/s) counter for logsdroppedtxminnsbs |
Operations
(click to see Properties )
- GET (ALL)
Some options that you can use for each operations:
-
Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the 'warning' query parameter as 'yes'. For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:
http:// <netscaler-ip-address> /nitro/v1/config/login?warning=yes
If any, the warnings are displayed in the response payload with the HTTP code '209 X-NITRO-WARNING'.
-
Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,
To do this, you must specify the username and password in the request header of the NITRO request as follows:
X-NITRO-USER: <username>
X-NITRO-PASS: <password>
Note: In such cases, make sure that the request header DOES not include the following:
Cookie:NITRO_AUTH_TOKEN= <tokenvalue>
*Note:
*
Mandatory parameters are marked in
red
and placeholder content is marked in
green
get (all)
URL: http:// <netscaler-ip-address> /nitro/v1/stat/audit Query-parameters: args http:// <netscaler-ip-address> /nitro/v1/stat/audit? args=detail: <Boolean_value> ,fullvalues: <Boolean_value> ,ntimes: <Double_value> ,logfile: <String_value> ,clearstats: <String_value>
Use this query-parameter to get audit resources based on additional properties.
attrs http:// <netscaler-ip-address> /nitro/v1/stat/audit? attrs=property-name1,property-name2
Use this query parameter to specify the resource details that you want to retrieve.
HTTP Method: GET
Request Headers:
Cookie:NITRO_AUTH_TOKEN= <tokenvalue>
Accept:application/json
Response: HTTP Status Code on Success: 200 OK
HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error
Response Header:
Content-Type:application/json
Response Payload:
{ "audit": [ {
"auditportallocfailrate":<Double_value>,
"auditnsballocfailrate":<Double_value>,
"auditsyslogmsgsenttcprate":<Double_value>,
"auditcontextnotfoundrate":<Double_value>,
"logsdroppedtxminnsbs":<Double_value>,
"clientconnfail":<Double_value>,
"flushcmdcntrate":<Double_value>,
"auditlog32errsyslogallocnsbfailrate":<Double_value>,
"auditnsballocfail":<Double_value>,
"auditsyslogmsgsentrate":<Double_value>,
"clientconnfailrate":<Double_value>,
"auditmemallocfailrate":<Double_value>,
"auditlog32errsyslogallocnsbfail":<Double_value>,
"logsdroppedrate":<Double_value>,
"auditportallocfail":<Double_value>,
"nsbchainallocfail":<Double_value>,
"logunsentlbsys":<Double_value>,
"systcpconnfailrate":<Double_value>,
"systcpconnfail":<Double_value>,
"auditmemallocfail":<Double_value>,
"logunsentlbsysrate":<Double_value>,
"auditsyslogmsggenrate":<Double_value>,
"logsdropped":<Double_value>,
"auditsyslogmsgsent":<Double_value>,
"auditcontextnotfound":<Double_value>,
"flushcmdcnt":<Double_value>,
"logsdroppedtxminnsbsrate":<Double_value>,
"auditsyslogmsggen":<Double_value>,
"nsbchainallocfailrate":<Double_value>,
"auditsyslogmsgsenttcp":<Double_value>
}]}