network.citrix
- Juan Tomás Alonso Nieto (Unlicensed)
- Former user (Deleted)
Introduction
The tags beginning with network.citrix identify events generated by Citrix (formally known as Citrix NetScaler)
Valid tags and data tables
The full tag must have 4 levels. The first two are fixed as network.citrix. The third level identifies the type of events sent, and the fourth level indicates the event subtype.
Technology | Brand | Type | Subtype |
|---|---|---|---|
network | citrix | adc |
|
netscaler | snmp |
These are the valid tags and corresponding data tables that will receive the parsers' data:
Tag | Devo table |
|---|---|
network.citrix.adc.aaa | network.citrix.adc.aaa |
network.citrix.adc.aaatm | network.citrix.adc.aaatm |
network.citrix.adc.api | network.citrix.adc.api |
network.citrix.adc.cli | network.citrix.adc.cli |
network.citrix.adc.event | network.citrix.adc.event |
network.citrix.adc.gui | network.citrix.adc.gui |
| network.citrix.adc.ica | network.citrix.adc.ica |
network.citrix.adc.snmp | network.citrix.adc.snmp |
network.citrix.adc.ssllog | network.citrix.adc.ssllog |
network.citrix.adc.sslvpn | network.citrix.adc.sslvpn |
network.citrix.adc.tcp | network.citrix.adc.tcp |
network.citrix.adc.other ** | network.citrix.adc.other |
network.citrix.netscaler.snmp | network.citrix.netscaler.snmp |
** For any other network.citrix.adc logs, use network.citrix.adc.other table.
How is the data sent to Devo?
Logs generated by Cisco must be sent to the Devo platform via the Devo Relay to secure communication. See the required relay rule below:
Source Port → Set as required
- Source data → default (\S+)
Target tag → network.citrix.adc.\\d1
- Target message → \\d0
Log samples
The following are sample logs sent to some of the network.citrix data tables. Also, find how the information will be parsed in your data table under each sample log.
Extra columns
Fields marked as Extra in the table below are not shown by default in data tables and need to be explicitly requested in the query. You can find them marked as Extra when you perform a query so they can be easily identified. Learn more about this in Selecting unrevealed columns.