network.citrix
- Juan Tomás Alonso Nieto (Deactivated)
- Former user (Deleted)
Check the reference vendor documentation here.
Introduction
The tags beginning with network.citrix identify events generated by Citrix (formally known as Citrix NetScaler)
Valid tags and data tables
The full tag must have 4 levels. The first two are fixed as network.citrix. The third level identifies the type of events sent, and the fourth level indicates the event subtype.
If you need to parse any events with a subtype that is not included in the table below, please contact us so we can analyze your case and create a dedicated parser.
Technology | Brand | Type | Subtype |
|---|---|---|---|
|
|
|
|
|
|
These are the valid tags and corresponding data tables that will receive the parsers' data:
Product / Service | Tags | Data tables |
|---|---|---|
Citrix ADC |
|
|
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
Citrix NetScaler |
|
|
|
| |
|
| |
|
|
** For any other network.citrix.adc logs, use network.citrix.adc.other table.
How is the data sent to Devo?
Logs generated by Cisco must be sent to the Devo platform via the Devo Relay to secure communication. See the required relay rule below:
Source port → Set as required
Source data →
default (\S+)Target tag →
network.citrix.adc.\\d1Target message →
\\d0
Table structure
These are the fields displayed in these tables: