Contents
Preface
About This Guide
New in This Release
Audience
Formatting Conventions
Related Documentation
Getting Service and Support
Knowledge Center
Silver and Gold Maintenance
Education and Training
Documentation Feedback
Chapter 1
Chapter 2
SNMP
Importing MIB Files
Defining SNMP Managers
Configuring SNMP V1 and V2
Adding an SNMP Community
Removing an SNMP Community
Configuring SNMP Traps and Alarms
SNMP V3
Salient Features
SNMPv3 Security Entities
Configuring SNMP V3
Chapter 3
Chapter 4
Chapter 5
Advanced Configurations
Configuring Clock Synchronization
Configuring Clock Synchronization Manually
Configuring Clock Synchronization Using the Configuration Utility or the CLI
Path Maximum Transmission Unit Discovery
The NetScaler in Transparent Mode
The NetScaler in End-Point Mode
Enabling or Disabling PMTU Discovery
Configuring TCP Window Scaling
Configuring Selective Acknowledgement
Clearing the Configuration
Chapter 6
Reporting Tool
Using the Reporting Tool
Working with Reports
Working with Charts
Examples
Preface
Before you begin to manage and monitor your Citrix NetScaler, take a few
minutes to review this chapter and learn about related documentation, other
support options, and ways to send us feedback.
In This Preface
About This Guide
New in This Release
Audience
Formatting Conventions
Related Documentation
Getting Service and Support
Documentation Feedback
Chapter 2, SNMP. Learn how SNMP works with NetScaler and how to
configure SNMP V1, V2, and V3 on NetScaler.
Chapter 6, Reporting Tool. Learn how to use the Reporting tool to view
performance statistics as reports with graphs that are based on statistics
collected by the nscollect utility.
Use new SNMP traps and alarms. For more information, see Configuring
SNMP Traps and Alarms, on page 34.
Install the NSWL executable on the AIX platform. For more information,
see Installing NSWL on an AIX Operating System, on page 79.
Use new log format when defining log format in the NSWL. For more
information, see Manually Defining a Custom Log Format, on page 96.
Configure NTP servers and enable NTP synchronization from the GUI and
the NetScaler CLI. For more information, see Configuring Clock
Synchronization Using the Configuration Utility or the CLI, on page 105.
Audience
This guide is intended for the following audience:
system administrators
network administrators
The concepts and tasks described in this guide require you to have a basic
understanding of network design, operation, and terminology.
Formatting Conventions
This documentation uses the following formatting conventions.
Formatting Conventions
Convention
Meaning
Boldface
Italics
Monospace
[ brackets ]
Related Documentation
A complete set of documentation is available on the Documentation tab of your
NetScaler and from http://support.citrix.com/. (Most of the documents require
Adobe Reader, available at http://adobe.com/.)
To view the documentation
1.
2.
3.
To view a short description of each document, hover your cursor over the
title. To open a document, click the title.
Knowledge Center
The Knowledge Center offers a variety of self-service, Web-based technical
support tools at http://support.citrix.com/.
Knowledge Center features include:
Security bulletins
Online problem reporting and tracking (for organizations with valid support
contracts)
North America, Latin America, and the Caribbean: 8 A.M. to 9 P.M. U.S.
Eastern Time, Monday through Friday
Documentation Feedback
You are encouraged to provide feedback and suggestions so that we can enhance
the documentation. You can send email to the following alias or aliases, as
appropriate. In the subject line, specify Documentation Feedback. Be sure to
include the document name, page number, and product release version.
You can also provide feedback from the Knowledge Center at http://support.citrix.com/.
To provide feedback from the Knowledge Center home page
1.
2.
3.
On the Documentation tab, click the guide name, and then click Article
Feedback.
4.
On the Documentation Feedback page, complete the form, and then click
Submit.
Chapter 1
Defining Users
Once you have changed the default password, no user can access the NetScaler
until you create an account for that user. After you have defined your users by
creating accounts for them, you might have to change passwords or remove user
accounts.
Parameter
Specifies
User Name
Password
1.
2.
3.
In the Create System User dialog box, in the User Name text box, type a
name for the user (for example, johnd).
4.
5.
In the Confirm Password text box, again type the password that you have
typed in the Password text box.
6.
Example
add system user johnd
Parameter
Specifies
Password
1.
2.
On the System Users page, select the user account for which you want to
change the password (for example, johnd) and click Change Password.
3.
4.
In the Confirm Password text box, type the new password again.
5.
Click OK.
Example
set system user johnd johnd1
1.
2.
On the System Users page, select the user account that you want to
remove. For example, johnd.
3.
4.
Click Yes.
Example
rm system user johnd
Defining Groups
To define a group, you first create the group, then bind users to the group.
Adding Groups
The following table describes the parameter you set to create a group.
Parameter
Specifies
Group Name
1.
2.
3.
In the Create System Group dialog box, in the Group Name text box,
type a name for the group (for example, Managers).
4.
Example
add system group Managers
Parameter
Specifies
User Name
1.
2.
3.
Example
bind system group Managers johnd
Removing Groups
All the users and command policies that are currently bound to the group should
be unbound before removing a group.
To remove a group using the configuration utility
1.
2.
On the System Groups page, select the group that you want to remove (for
example, Managers).
3.
Click Remove.
4.
Example
rm system group Managers
Command Policies
Command policies regulate which commands, command groups, vservers, and
other elements NetScaler users and user groups are permitted to use.
The NetScaler provides a set of built-in command policies, and you can configure
custom policies. To apply the policies, you bind them to users and/or groups.
Here are the key points to keep in mind when defining and applying command
policies.
All users inherit the policies of the groups to which they belong.
You must assign a priority to a command policy when you bind it to a user
account or group account. This enables the NetScaler to determine which
policy has priority when two or more conflicting policies apply to the same
user or group.
The following commands are available by default to any user and are
unaffected by any command policies you specify:
help cli, show cli attribute, clear cli prompt,
alias, unalias, batch, source, help, history, man,
quit, exit, whoami, config, set cli mode, unset cli
mode, show cli mode, set cli prompt, and show cli
prompt.
Policy Name
Allows
read-only
operator
network
Full access except to NetScaler commands, the shell command, and the
show ns.conf and sh runningconfig commands.
superuser
When you use regular expressions to define commands that will be affected
by a command policy, you must enclose the commands in double quotes.
For example, if you want to create a command policy named allowShow
that includes all commands that begin with show, you should type the
following:
^show .*$
If you want to create a command policy that includes all commands that
begin with rm, you should type the following:
DENY ^rm .*$
Command Specification
^rm\s+.*$
^show\s+.*$
^shell$
^add\s+vserver\s+.*$
The following table shows the command specifications for each of the built-in
command policies:
Policy Name
read-only
(^man.*)|(^show\s+(?!system)(?!ns ns.conf)(?!ns runningConfig).*)|(^stat.*)
operator
(^man.*)|(^show\s+(?!system)(?!ns ns.conf)(?!ns runningConfig).*)|(^stat.*)|(^set.*accessdown.*)|(^(enable|disable) (server|service).*)
network
^(?!shell)\S+\s+(?!system)(?!ns ns.conf)(?!ns runningConfig).*
superuser
.*
The following table describes the parameters you set to create a command policy.
Parameter
Specifies
User Name
Command Spec
Action
1.
2.
3.
In the Create Command Policy dialog box, in the Policy Name text box,
type a name for the command policy (for example, read_all).
4.
5.
6.
Click Create.
Example
add system cmdPolicy read_all ALLOW (^show\s+(?!system)(?!ns ns.conf)(?!ns runningConfig).*)|(^stat.*)
When two command policies, one bound to a user account and the other bound
to a group, have the same priority number, the command policy bound
directly to the user account is evaluated first.
Parameter
Specifies
User Name
Policy Name
1.
2.
3.
Click Open.
4.
5.
In the Priority list box, for each active policy, enter a priority number for
the policy (for example, 1), or adjust the number.
6.
Click OK.
Example
bind system user johnd johnd_pol 1
group.
Parameter
Specifies
Group Name
Policy Name
1.
2.
3.
Click Open.
4.
5.
In the Priority list box, for each active policy, enter a priority number for
the policy (for example, 2), or adjust the number.
6.
Click OK.
Example
bind system group Managers -policyName Managers_pol 2
1.
2.
3.
Click Remove.
4.
Example
rm system cmdPolicy Managers_pol
1.
Note: You cannot log on via ssh to perform this procedure; you must connect
directly to the NetScaler.
As the operating system starts, it displays the following message:
Hit [Enter] to boot immediately, or any other key
for command prompt.
Booting [kernel] in # seconds.
2.
Press CTRL+C.
The following message appears:
Type ? for a list of commands, help for more
detailed help.
ok
3.
Type boot -s, and press the Enter key to start the NetScaler in single user
mode.
After the NetScaler boots, it displays the following message:
Enter full pathname of shell or RETURN for /bin/sh:
4.
Press the Enter key to display the # prompt, and type the following
commands to mount the file systems:
fsck /dev/ad0s1a
mount /dev/ad0s1a /flash
5.
6.
7.
Type reboot and press the Enter key to reboot the NetScaler.
When the NetScaler completes rebooting, it prompts for username and
password.
8.
9.
10.
John Doe. The IT manager. John needs to be able to see all parts of the
NetScaler configuration but does not need to modify anything.
The following table shows the breakdown of network information, user account
names, group names, and command policies for the sample company:
Field
Value
Note
NetScaler
hostname
ns01.example.net
User accounts
johnd
mariar
michaelb
Groups
Managers
SysOps
All managers
All IT administrators
Command
Policies
read_all
modify_lb
modify_all
The following description walks you through the process of creating a complete
set of user accounts, groups, and command policies on the NetScaler
ns01.example.net.
The description includes procedures for binding the appropriate user accounts and
groups to one another, and binding appropriate command policies to the user
accounts and groups.
This example illustrates how you can use prioritization to grant precise access
and privileges to each user in the IT department.
The example assumes that initial installation and configuration have already been
performed on the NetScaler.
To create johnd, mariar, and michaelb user accounts
1.
2.
3.
In the Create System User dialog box, in the User Name text box, type
johnd.
4.
5.
In the Confirm Password text box, again type the password that you have
typed in the Password text box.
6.
Click Create.
7.
1.
2.
3.
In the Create System Group dialog box, in the Group Name text box,
type Managers.
4.
5.
1.
2.
On System Groups page, select the Managers group and click Open.
3.
In the Configure System Group dialog box, under Members, select johnd
in the Available Users list.
4.
5.
6.
Repeat steps 1-4 to bind users mariar and michaelb to the group SysOps.
1.
2.
3.
In the Create Command Policy dialog box, in the Policy Name text box,
type read_all.
4.
5.
6.
Click Create.
7.
8.
1.
2.
3.
Click Open.
4.
5.
Click OK.
6.
1.
2.
3.
Click Open.
4.
5.
Click OK.
John Doe, the IT manager, has read-only access to the entire NetScaler, but
cannot make modifications.
Maria Ramirez, the IT lead, has near-complete access to all areas of the
NetScaler configuration, having to log on only to perform NetScaler-level
commands.
As mentioned earlier, the set of command policies that applies to a specific user is
a combination of command policies applied directly to the user's account and
command policies applied to the group(s) of which the user is a member.
Each time a user enters a command, the operating system searches the command
policies for that user until it finds a policy with an explicit ALLOW or DENY
action that matches the command. When it finds a match, the operating system
stops its command policy search and allows or denies access to the command.
If the operating system finds no matching command policy, it denies the user
access to the command, in accordance with the NetScaler's default deny policy.
Note: When placing a user into multiple groups, take care not to cause
unintended user command restrictions or privileges. To avoid these conflicts,
when organizing your users in groups, it's good to bear in mind the NetScaler's
command policy search procedure and policy ordering rules.
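The search procedure described above can be modeled offline to check a planned set of bindings before applying them. The following Python sketch is an added example, not NetScaler code and not part of the original guide. It assumes that a lower priority number is searched first and that Python's re module behaves like the NetScaler matcher for these expressions; the policy names deny_rm and net_access and both sample binding sets are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Command specifications quoted from this chapter.
READ_ALL = r"(^show\s+(?!system)(?!ns ns.conf)(?!ns runningConfig).*)|(^stat.*)"
NETWORK = r"^(?!shell)\S+\s+(?!system)(?!ns ns.conf)(?!ns runningConfig).*"
DENY_RM = r"^rm\s+.*$"


@dataclass(frozen=True)
class Binding:
    policy: str    # command policy name
    action: str    # "ALLOW" or "DENY"
    spec: str      # command specification (regular expression)
    priority: int  # priority number given when the policy was bound
    level: str     # "user" (bound to the account) or "group"


def search_order(bindings: List[Binding]) -> List[Binding]:
    """Order in which the policies are searched.

    Assumption: a lower priority number is searched first.
    From the guide: on equal priority, the policy bound directly to the
    user account is evaluated before the one bound to a group.
    """
    return sorted(bindings, key=lambda b: (b.priority, b.level != "user"))


def evaluate(command: str, bindings: List[Binding]) -> Tuple[str, Optional[str]]:
    """Return (decision, deciding policy) for one command.

    The first matching policy ends the search; with no match at all the
    command is refused by the default deny policy (policy name is None).
    """
    for b in search_order(bindings):
        if re.search(b.spec, command):
            return b.action, b.policy
    return "DENY", None


# Constructed sample: a user whose only policy comes from the Managers group.
JOHND = [Binding("read_all", "ALLOW", READ_ALL, 1, "group")]

# Constructed sample: a user-level DENY and a group-level ALLOW with the
# same priority number; both match "rm ..." commands.
TIE = [
    Binding("net_access", "ALLOW", NETWORK, 1, "group"),
    Binding("deny_rm", "DENY", DENY_RM, 1, "user"),
]

# Same two policies with the binding levels swapped.
TIE_SWAPPED = [
    Binding("net_access", "ALLOW", NETWORK, 1, "user"),
    Binding("deny_rm", "DENY", DENY_RM, 1, "group"),
]

if __name__ == "__main__":
    for cmd in ("show lb vserver", "show ns ns.conf", "rm lb vserver v1"):
        print("johnd      ", cmd, "->", evaluate(cmd, JOHND))
    for cmd in ("rm lb vserver v1", "shell", "add system user x"):
        print("tie        ", cmd, "->", evaluate(cmd, TIE))
        print("tie swapped", cmd, "->", evaluate(cmd, TIE_SWAPPED))
```

With the levels swapped, the same rm command is allowed, which is the kind of unintended privilege the note above warns about when users belong to several groups.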
Chapter 2
SNMP
The SNMP agent on the NetScaler supports SNMP version 1 (SNMPv1), SNMP
version 2 (SNMPv2), and SNMP version 3 (SNMPv3). The SNMP agent handles
queries, such as SNMPv2 Get-Bulk, from the SNMP manager. The SNMP agent
also sends out traps compliant with SNMPv2. It also supports SNMPv2 datatypes, such as counter64.
In This Chapter:
Importing MIB Files
Defining SNMP Managers
Configuring SNMP V1 and V2
SNMP V3
Before you start configuring SNMP, you must import the appropriate SNMP MIB
files to the network management application, as follows:
Note: For information about the user name and password used to connect to the
FTP site, contact the NetScaler product support group.
Parameter
Specifies
IP Address
Netmask
1.
In the navigation pane, expand System, click SNMP, and click Managers.
2.
3.
In the Create Manager dialog box, in the IP Address text box, type the IP
address of the computer running the management application (for example,
10.102.29.5).
4.
Click Add.
Example
add snmp manager 10.102.29.5
1.
In the navigation pane, expand System, click SNMP, and then click
Managers.
2.
On the SNMP Managers page, select the manager which you want to
remove.
3.
Click Remove.
4.
Example
rm snmp manager 10.102.29.5
Set traps and alarms to send SNMP trap notifications to the SNMP manager
for any asynchronous events generated by the agent to indicate the state of
the NetScaler.
Parameter
Specifies
Community Name
Permissions
1.
In the navigation pane, expand System, click SNMP, and then click
Community.
2.
3.
In the Add SNMP Community dialog box, in the Community String text
box, type a name for the community to be added (for example, Com_All).
4.
5.
Click Create.
1.
In the navigation pane, expand System, click SNMP, and then click
Community.
2.
On the SNMP Community page, select the community that you want to
remove (for example, Com_All).
3.
Click Remove.
4.
Generic trap
Indicates
authenticationFailure
coldStart
linkUp
linkDown
The following table describes the specific SNMP traps that the NetScaler
supports.
Specific trap
Indicates
averageCpuUtilization
averageCpuUtilizationNormal
changeToPrimary
changeToSecondary
cpuUtilization
cpuUtilizationNormal
diskUsageHigh
diskUsageNormal
entityup
entitydown
fanSpeedLow
fanSpeedNormal
interfaceThroughputLow
interfaceThroughputNormal
maxClients
maxClientsNormal
memoryUtilization
memoryUtilizationNormal
monRespTimeoutAboveThresh
monRespTimeoutBelowThresh
netscalerLoginFailure
NetScalerConfigChange
netScalerConfigSave
serviceRequestRate
serviceRequestRateNormal
serviceRxBytesRate
serviceRxBytesRateNormal
serviceTxBytesRate
serviceTxBytesRateNormal
serviceSynfloodRate
serviceSynfloodNormal
sslCertificateExpiry
svcGrpMemberRequestRate
svcGrpMemberRequestRateNormal
svcGrpMemberRxBytesRate
svcGrpMemberRxBytesRateNormal
svcGrpMemberTxBytesRate
svcGrpMemberTxBytesRateNormal
svcGrpMemberSynfloodRate
svcGrpMemberSynfloodNormal
svcGrpMemberMaxClients
svcGrpMemberMaxClientsNormal
synflood
synfloodNormal
temperatureHigh
temperatureNormal
vServerRequestRate
vServerRequestRateNormal
vserverRxBytesRate
vserverRxBytesRateNormal
vserverTxBytesRate
vserverTxBytesRateNormal
vserverSynfloodRate
vserverSynfloodNormal
voltageLow
voltageNormal
voltageHigh
haVersionMismatch
haSyncFailure
haNoHeartbeats
haBadSecState
powerSupplyFailed
powerSupplyNormal
interfaceBWUseHigh
interfaceBWUseNormal
aggregateBWUseHigh
aggregateBWUseNormal
Note: SNMP manager to listen for traps with this community name. The default
community name is public.
The following table describes the parameters you set to add an SNMP trap:
Parameter
Specifies
Trap Class
Version
Destination IP Address
IP address of the trap destination.
Destination Port
Source IP Address
Severity
Community Name
1.
In the navigation pane, expand System, click SNMP, and click Traps.
2.
3.
4.
5.
In the Destination Port text box, type the destination port (for example,
163).
6.
In the Source IP text box, type the source IP address of the trap (for
example, 10.102.29.54).
7.
8.
In the Community Name text box, type the name of the SNMP string that
you want to include in the trap (for example, com1).
9.
Click Add.
Example
add snmp trap specific 10.102.29.3 -version V2 -destPort 163 -communityName com1 -srcIP 10.102.29.54 -severity Major
1.
In the navigation pane, expand System, click SNMP, and then click Traps.
2.
On the SNMP Traps page, select the trap that you want to remove.
3.
Click Remove.
4.
1.
In the navigation pane, expand System, expand SNMP, and click Alarms.
2.
3.
Specifies
Severity
1.
In the navigation pane, expand System, expand SNMP, and click Alarms.
2.
Click Open.
3.
4.
Click Ok.
Parameter
Specifies
Logging
1.
In the navigation pane, expand System, expand SNMP, and then click
Alarms.
2.
Click Open.
3.
4.
Click Ok.
or
set snmp alarm LOGIN-FAILURE -logging DISABLED
SNMP V3
Simple Network Management Protocol Version 3 (SNMPv3) is based on the
basic structure and architecture of SNMPv1 and SNMPv2. However, SNMPv3
enhances the basic architecture to incorporate administration and security
capabilities such as authentication, access control, data integrity check, data
origin verification, message timeliness check, and data confidentiality.
Salient Features
SNMPv3 provides security features such as message-level security and access
control. To implement these features, SNMPv3 introduces the user-based security
model (USM) and the view-based access control model (VACM).
Data origin verification: To authenticate the user who sent the message
request.
SNMP Engines
SNMP Views
SNMP Groups
SNMP Users
SNMP Engines
SNMP engines are service providers that reside in the SNMP agent. They provide
services such as sending or receiving and authenticating messages. SNMP
engines are uniquely identified using engine IDs.
SNMP Views
SNMP views restrict user access to specific portions of the MIB. SNMP views
are used to implement access control.
SNMP Groups
SNMP groups are logical aggregations of SNMP users. They are used to
implement access control and to define the security levels. You can configure an
SNMP group to set access rights for users assigned to that group, thereby
restricting the users to specific views.
SNMP Users
SNMP users are the SNMP managers that the agents allow to access the MIBs.
Each SNMP user is assigned to an SNMP group.
These entities function together to implement the SNMPv3 security features.
Views are created to allow access to subtrees of the MIB. Then, groups are
created with the required security level and access to the defined views. Finally,
users are created and assigned to the groups.
Configuring SNMP V3
To implement message authentication and access control, you need to:
Configure Views
Configure Groups
Configure Users
Parameter
Specifies
EngineID
1.
In the navigation pane, expand System, expand SNMP, and click Users.
2.
3.
In the Configure Engine ID dialog box, in the Engine ID text box, type an
engine ID (for example, 8000173f0300c095f80c68).
4.
Click OK.
Example
set snmp engineId 8000173f0300c095f80c68
Parameter
Specifies
Name
Subtree
1.
In the Navigation Pane, expand System, expand SNMP, and click View.
2.
3.
In the Add SNMP View dialog box, in the Name text box, type a name for
the SNMP view you want to add (for example, View1).
4.
5.
Click Create.
Example
add snmp view View1
Parameter
Specifies
Name
Read View
1.
In the navigation pane, expand System, expand SNMP, and click Group.
2.
3.
In the Add SNMP Group dialog box, in the Name text box, type a name
for the SNMP group you want to add (for example, Group1).
4.
Example
add snmp group Group1
Parameter
Specifies
Name
Read View
1.
In the navigation pane, expand System, click SNMP, and then click Users.
2.
3.
In the Add SNMP User dialog box, in the Name text box, type a name for
the SNMP user you want to add (for example, User1).
4.
In Group Name, select the configured SNMP group that you want the user
to be part of.
5.
Example
add snmp user User1
Note: The view, group, and user configurations are synchronized and
propagated to the secondary node in an HA pair. However, the engineID is neither
propagated nor synchronized, because it is unique to each NetScaler.
Chapter 3
A time stamp
To enable audit server logging, you must configure the auditing parameters on the
NetScaler, set up and install the executable files on a computer from where you
want to run the audit tool, and configure the parameters in the configuration file
by defining the filters and filter parameters. The filters determine the type of
information in the log files and the location at which to store the files.
In This Chapter
Configuring the Citrix NetScaler Audit Server Log
Installing the Audit Server Files
Configuring Audit Server Logging on a Server system
Configuring Audit Server Logging for a Commonly Used Deployment Scenario
Source port
Destination port
Source IP
Destination IP
Note: You can enable TCP logging on individual load balancing vservers. You
must bind the audit log policy to a specific load balancing vserver that you want
to log.
To configure audit server logging, you must set the following parameters:
Parameter
Specifies
Auditing Type
IP Address
Port
Log Levels
EMERGENCY
ALERT
CRITICAL
ERROR
WARNING
NOTICE
INFORMATION
DEBUG
Log Facility
Time Zone
TCP Logging
The following table describes the severity levels that you can set to specify when
logging is to occur.
Level
Specifies
EMERGENCY
ALERT
CRITICAL
ERROR
WARNING
NOTICE
INFORMATION
Log all actions taken by the NetScaler. This level is useful for
troubleshooting problems.
DEBUG
1.
In the Navigation Pane, expand System, and click the Auditing node.
2.
3.
4.
In the IP Address and Port text boxes, type the IP of the server for which
you want to configure logging, and the port number to use; for example,
10.102.29.1, and 3023. The default port number is 3023.
5.
Under Log Levels, either select the ALL check box or select specific log-level check boxes.
Note: Selecting NONE disables all log levels. Use this option when you
want to reset log levels.
6.
7.
8.
Click OK.
1.
2.
On the Auditing Policies and Servers page, select the Servers tab and
click Add.
The Create Auditing Server dialog box appears. For descriptions of the
parameters in this dialog box, see the table, , on page 50.
3.
In the Create Auditing Server dialog box, in the Name text box, type a
name for the auditing server, and in the Auditing Type drop-down list,
select NSLOG.
4.
In the IP Address and Port text boxes, type the IP address and the port
number of the auditing server. The default port is 3023.
5.
Under Log Levels, select the ALL check box or select specific log-level
check boxes.
6.
7.
8.
Select a Date Format option and a Time Zone option for the time stamp.
9.
1.
2.
On the Policies page, select the Policies tab, and click Add.
3.
In the Create Auditing Policy dialog box, in the Name text box, type a
name for the policy (for example, nspol1).
4.
5.
In the Server drop-down list, select the server for which the policy applies.
6.
Click Create, and click Close. The policy appears on the Policies page.
1.
2.
3.
4.
In the Priority list box, enter or adjust the priority (for example, click the
down arrow until 0 appears).
5.
Click OK.
Operating System
Software Requirements
Windows
Linux
FreeBSD
FreeBSD 4.9
Hardware Requirements
1.
2.
/usr/local/netscaler/etc
/usr/local/netscaler/bin
/usr/local/netscaler/samples
At a command prompt, type the following command to uninstall the audit server
logging feature:
rpm -e NSauditserver
For more information about the NSauditserver RPM file, use the following
command:
rpm -qpi *.rpm
To view the installed audit server files use the following command:
rpm -qpl *.rpm
1.
3.
pkg_add NSauditserver.tgz
4.
/usr/local/netscaler/etc
/usr/local/netscaler/bin
/usr/local/netscaler/samples
At a command prompt, type the following command to uninstall the audit server
logging package:
pkg_delete NSauditserver
1.
2.
\NS\BIN
\NS\ETC
\NS\SAMPLES
1.
2.
Type the following command to uninstall the audit server logging feature:
audserver -remove
Specifies
audserver -help
audserver -addns -f
<path to configuration
file>
audserver -verify -f
<path to configuration
file>
Starts audit server logging based on the configuration
settings in the configuration file, for example,
auditlog.conf file.
Linux only:
To start the audit server as a background process, type
& at the end of the command.
audserver -stop
Linux only:
Stops audit server logging when audit server is started
as a background process. Alternatively, use the Ctrl+C
key to stop audit server logging.
audserver -install -f
<path to configuration
file>
Windows Only:
Installs the audit server logging client as a service on
Windows.
Windows Only
audserver -remove
Run the audserver command from the directory in which the audit server
executable is present:
On Windows: \ns\bin
The audit server configuration files are present in the following directories:
On Windows: \ns\etc
On Linux: /usr/local/netscaler/etc
2.
Using a text editor, make the following changes in the auditlog.conf file:
3.
A.
B.
C.
D.
Note: You can configure the NetScaler to log integrated cache transactions
using the audit server logging feature.
Defining Filters
Define filters in the configuration file (for example, auditlog.conf) to
configure each Citrix NetScaler to log web transactions handled by the logging
server.
Define log properties for each filter. The filter applies these log properties to the
transactions that match the filter definition.
Note: A transaction is not recorded if a filter definition does not exist for a log
transaction.
Creating Filters
To create a filter, type the following command in the auditlog.conf file:
filter <filterName> [IP <ip>] [NETMASK <mask>] [ON | OFF]
LogInterval specifies the interval at which new log files are created.
Use one of the following values:
LogFileSizeLimit specifies the maximum size (in MB) of the log file.
A new file is created when the limit is reached.
Note that you can override the loginterval property by assigning
size as its value.
The default LogFileSizeLimit is 10 MB.
Example:
LogFileSizeLimit 35
LogFilenameFormat specifies the file name format of the log file. The
name of the file can be of the following types:
Static: A constant string that specifies the absolute path and the file
name.
Date (%{format}t)
Note: For more information, see Checklist for Configuring Audit Server
Logging, on page 65.
Example:
LogFileNameFormat Ex%{%m%d%y}t.log
This creates the first file name as Exmmddyy.log. New files are named:
Exmmddyy.log.0, Exmmddyy.log.1, and so on. In the following
example, the new files are created when the file size reaches 100 MB.
Example:
LogInterval size
LogFileSize 100
LogFileNameFormat Ex%{%m%d%y}t
logDirectory specifies the directory name format of the log file. The
name of the file can be either of the following:
Date (%{format}t)
In the other operating systems (Linux, FreeBSD, Mac, etc.), use the
directory separator /.
Example:
LogDirectory dir1/dir2/dir3
Note: For more information, see Checklist for Configuring Audit Server
Logging, on page 65.
This creates a log file for NSIP 192.168.10.1 with the default values of the
log in effect.
Example 2:
Filter f1 IP 192.168.10.1
begin f1
logFilenameFormat logfiles.log
end f1
This creates a log file for NSIP 192.168.10.1. Since the log file name format
is specified, the default values of the other log properties are in effect.
1.
Userid
Password
If you add multiple NetScaler IP addresses (NSIP), and later you do not want to
log all of Citrix NetScaler System event details, you can delete the NSIPs
manually by removing the NSIP statement at the end of the auditlog.conf file.
During a failover setup, you must add both primary and secondary Citrix
Netscaler IPs to auditlog.conf using the audserver command. Before adding
the IP address, make sure the username and password exist on the system.
Verifying Configuration
Check the configuration file (auditlog.conf) for syntax correctness to enable
logging to start and function correctly.
To verify configuration, at a command prompt, type the following command:
audserver -verify -f <directorypath>\auditlog.conf
To stop audit server logging that starts as a service in Windows, use the following
command:
audserver -stopservice
begin filter_nsip
logInterval Hourly
logFileSizeLimit 10
logDirectory logdir\%A\
logFilenameFormat nsip%{%d%m%Y}t.log
end filter_nsip
Filter default
begin default
logInterval Hourly
logFileSizeLimit 10
logFilenameFormat auditlog%{%y%m%d}t.log
end default
1. Verify that the Citrix NetScaler System username and password are valid.
2. If there is a firewall between the NetScaler and logging machine, make sure
the RPC 3010/3011 port is open.
3. Verify that the Citrix NetScaler is accessible from the log machine by doing
the following:
4. Verify that the IP address of the system is present in the configuration file
(auditlog.conf).
5. Verify that the Audit Server IP address is entered in the MYIP field in the
auditlog.conf file.
Parameter        Value
Name             audit1
Auditing Type    NSLOG
IP Address       10.102.1.1
Port             3024
Log Level        NOTICE
TCP Logging      ALL
Date Format      DDMMYYYY
Log Facility     LOCAL0
Time Zone        Local
1.
2. On the Auditing page, select the Servers tab and click Add.
3. In the Create Auditing Server dialog box, in the Name text box, type
audit1, and in the Auditing Type drop-down list, select NSLOG.
4. In the IP Address text box, type 10.102.1.1, and in the Port text box, type
3024.
5. Under Log Levels, select the NOTICE check box, and select the
DDMMYYYY Date format option.
6.
7.
The following procedure explains how to create a policy for the audit server
action audit1.
To configure audit server policy
1.
2.
3. In the Create Auditing Policy dialog box, in the Name text box, type a
name for the policy (for example, auditpol1).
4. In the Auditing Type drop-down list, select NSLOG, and in the Server
drop-down list, select audit1.
5. Click Create, and click Close. The policy appears on the Policies page.
In the following procedure, you globally bind the audit log policy auditpol1 and
set the priority to 0.
To globally bind the audit log policy
1.
2. On the Policies page, on the Policies tab, click Global Bindings.
3.
4. Click OK.
1.
\NS\BIN
\NS\ETC
\NS\SAMPLES
Note: The BIN directory contains the executable audserver.exe and the
ETC directory contains the auditlog.conf file.
2.
3.
4.
5. Edit the auditlog.conf file located at \NS\ETC by changing the values for
the following parameters as shown:
MYIP 10.102.1.1
MYPORT 3024
Filter default
begin default
logInterval Hourly
logFileSizeLimit 10
logFilenameFormat auditlog%{%y%m%d}t.log
end default
6.
7.
To stop audit server, at the command prompt, press Ctrl+C. The following
output appears:
NSAUDIT:quitting on 2 signal!
CHAPTER 4
Web server logging is the process of maintaining a history of page requests that
originate from Citrix NetScaler System.
In This Chapter
How Web Server Logging Works
Configuring Web Server Logging Parameters
System Requirements for Web Server Logging
Installing the NSWL files on the Logging System
Configuring Web Server Logging on the Logging System
Checklist for Configuring Web Server Logging
The log format that you can use depends on the requirements to troubleshoot a
problem. Custom log formats let you define only those parameters to log that you
specify.
1.
2.
3.
4.
Click OK.
5.
or
disable ns feature WL
Specifies
Buffer Size
1.
2.
3.
In the Configure Global Settings dialog box, in the Web Logging section,
enter a value in the Buffer_Size (in MBytes) text box (for example, 32).
4.
Click OK.
Example
set weblogparam -b 32
Note: To activate the new buffer size, you must disable and reenable web server
logging, as described in Enabling or Disabling Web Server Logging, on page
72.
In the navigation pane, expand System and click Settings. On the Settings page,
under Modes and Settings, click Change advanced features. In Configure
Advanced Features dialog box, check to see whether the Web Logging check
box is selected.
To see whether web server logging is enabled or disabled using the
NetScaler command line
To display the buffer size for log transactions using the Configuration Utility
In the navigation pane, expand System and click Settings. On the Settings page,
under Settings, click Change global system settings. In Configure Global
Settings dialog box, under Web Logging, the Buffer_Size (in MBytes) text box
displays the buffer size.
MAC
Linux
Software Requirements
Windows XP Professional - Version 2002
Windows 2003 server
Windows 2000/NT
RELEASE_PPC Power Macintosh powerpc - Darwin
Kernel Version 8.6.0
Red Hat Enterprise Linux AS release 4 (Nahant) - Linux
version 2.6.9-5.EL
Red Hat 3.4.3-9.EL4 - Linux version 2.6.9-5.ELsmp
Red Hat Linux 3.2.2-5 - Linux version 2.4.20-8
Solaris
FreeBSD
FreeBSD 4.9
Hardware Requirements
If the logging system cannot process the log transaction because of a CPU
limitation, the Web log buffer overruns and the logging process reinitiates.
Caution: Reinitiation of logging can result in loss of log transactions.
To temporarily solve a logger client bottleneck caused by a CPU limitation, you
can tune the Web server logging buffer size. To solve the problem, you need a
logger client that can handle the site's throughput.
1.
2.
3.
Extract the files from the *.tar file with the following command:
tar xvf NSweblog.tar
5.
You are prompted to select the packages. Select the package number of the
NSweblog to be installed.
After you select the package number and press Enter, the files are extracted
and installed in the following directories. (The dot indicates the current
directory.)
/usr/local/netscaler/etc
/usr/local/netscaler/bin
/usr/local/netscaler/samples
6.
Note: To uninstall web server logging, use the command: pkgrm NSweblog
1.
2.
This command extracts the files and installs them in the following
directories. (The dot indicates the current directory.)
/usr/local/netscaler/etc
/usr/local/netscaler/bin
/usr/local/netscaler/samples
To get more information on the NSweblog RPM file, use the following command:
rpm -qpi *.rpm
To view the installed web server logging files, use the following command (*.rpm
is the file name):
rpm -qpl *.rpm
1.
2.
3.
This command extracts the files and installs them in the following
directories. (The dot indicates the current directory.)
4.
/usr/local/netscaler/etc
/usr/local/netscaler/bin
/usr/local/netscaler/samples
Note: To uninstall the web server logging package, enter the command:
pkg_delete NSweblog
1.
2.
3.
This command extracts the files and installs them in the following
directories. (The dot indicates the current directory.)
4.
/usr/local/netscaler/etc
/usr/local/netscaler/bin
/usr/local/netscaler/samples
Note: To uninstall the web server logging package, enter the command
pkg_delete NSweblog
1.
2.
The extracted files are installed in the following directories. (The dot
indicates the current directory.)
3.
\NS\BIN
\NS\ETC
\NS\SAMPLES
To uninstall the web server logging, run the following command from the
\NS\BIN folder:
nswl -remove
Note: To uninstall the web server logging, run the nswl -remove command
from the \NS\BIN folder.
1.
2.
This command extracts the files and installs them in the following
directories. (The dot indicates the current directory.)
/usr/local/netscaler/etc
/usr/local/netscaler/bin
/usr/local/netscaler/samples
To get more information on the NSweblog RPM file, use the following command:
rpm -qpi *.rpm
To view the installed web server logging files, use the following command (*.rpm
is the file name):
rpm -qpl *.rpm
NSWL Options
The following table describes the options that you can use with the nswl
executable.
nswl Command
Specifies
nswl -help
nswl -stop
nswl -startservice
(Windows only)
nswl -stopservice
(Windows only)
nswl -remove
Run the following commands from the directory in which the nswl executable is
located:
Windows: \ns\bin
The web server logging configuration files are located in the following directory
path:
Windows: \ns\etc
2.
3.
4.
Add the IP addresses of the Citrix NetScaler System to the log.conf file.
5.
6.
Note: You can configure the Citrix NetScaler System to log integrated cache
transactions, using the web server logging feature.
Defining Filters
Log filters let you filter the host IP address, domain name, and hostname of the
Web servers. You must do the following to define filters:
Define filters in the configuration file (log.conf) for each server whose
web transactions are logged.
Define log properties for each filter. The filter applies these log properties
to transactions that match the filter.
Note: If a filter does not exist for a log transaction, the transaction is not
recorded unless the default filter is defined.
Creating Filters
To create a filter, enter the following command in the log.conf file:
Filter <filterName> [HOST name] | [IP ip] | [IP ip 2...ip n] | [IP ip NETMASK mask] [ON | OFF]
The following table lists the parameters that can be set using the filter command:
Parameter
Specifies
filterName
HOST name
Host name of the server for which the transactions are being
logged.
IP ip
IP ip 2...ip n:
IP ip NETMASK mask
ON | OFF
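A coverage check for the filter rules described above, added here as an example (it is not Citrix code): it parses Filter lines from log.conf and reports which servers would go unlogged. The first-match ordering, ON as the state when neither ON nor OFF is given, IPv4-only handling, and the sample names and addresses are assumptions.

```python
import ipaddress

# Constructed log.conf fragment for illustration (not taken from the guide).
SAMPLE_CONF = """\
Filter web_dmz IP 192.168.10.0 NETMASK 255.255.255.0 ON
Filter batch IP 192.168.20.5 192.168.20.6 OFF
Filter portal HOST www.example.com
"""

KEYWORDS = {"HOST", "IP", "NETMASK", "ON", "OFF"}


def parse_filters(conf_text):
    """Parse 'Filter' lines into dicts, preserving file order."""
    filters = []
    for raw in conf_text.splitlines():
        tokens = raw.split("#", 1)[0].split()
        if len(tokens) < 2 or tokens[0].lower() != "filter":
            continue  # begin/end blocks and log properties are not needed here
        # Assumption: a filter with neither ON nor OFF is treated as ON.
        entry = {"name": tokens[1], "host": None, "networks": [], "enabled": True}
        args, i = tokens[2:], 0
        while i < len(args):
            word = args[i].upper()
            if word == "HOST" and i + 1 < len(args):
                entry["host"] = args[i + 1].lower()
                i += 2
            elif word == "IP":
                i += 1
                ips = []
                while i < len(args) and args[i].upper() not in KEYWORDS:
                    ips.append(args[i])
                    i += 1
                mask = "255.255.255.255"  # single host unless NETMASK follows
                if i + 1 < len(args) and args[i].upper() == "NETMASK":
                    mask = args[i + 1]
                    i += 2
                for ip in ips:
                    entry["networks"].append(
                        ipaddress.ip_network(f"{ip}/{mask}", strict=False))
            elif word in ("ON", "OFF"):
                entry["enabled"] = word == "ON"
                i += 1
            else:
                raise ValueError(f"unexpected token {args[i]!r} in: {raw.strip()}")
        filters.append(entry)
    return filters


def logging_decision(filters, server_ip, host=None):
    """Return (filter name, outcome) for one server.

    Assumption: the first matching filter in file order applies. A filter
    named 'default' is used only when nothing else matches; with no match
    and no default filter the transaction is not recorded.
    """
    addr = ipaddress.ip_address(server_ip)
    default = None
    for f in filters:
        if f["name"].lower() == "default":
            default = f
            continue
        ip_hit = any(addr in net for net in f["networks"])
        host_hit = host is not None and f["host"] == host.lower()
        if ip_hit or host_hit:
            return f["name"], ("logged" if f["enabled"] else "filter OFF")
    if default is not None:
        return "default", ("logged" if default["enabled"] else "filter OFF")
    return None, "not recorded"


def unlogged(filters, inventory):
    """Return the inventory addresses whose transactions would not be logged."""
    return [ip for ip in inventory if logging_decision(filters, ip)[1] != "logged"]


if __name__ == "__main__":
    rules = parse_filters(SAMPLE_CONF)
    for ip in ("192.168.10.77", "192.168.20.6", "10.0.0.9"):
        print(ip, logging_decision(rules, ip))
```

Run it against the server inventory after every change to log.conf; any address it returns is a gap in the web transaction record.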
LogFormat specifies the web server logging feature that supports NCSA, W3C
Extended, and custom log file formats. For more information, see Log File
Formats, on page 90 in this chapter.
By default, the logformat property is w3c. To override, enter custom or
NCSA in the configuration file, for example:
LogFormat NCSA
Note: For the NCSA and Custom log formats, local time is used to time stamp
transactions and for file rotation.
LogInterval specifies the intervals at which log files are created. The default
property is Daily. If the LogInterval value is specified as:
None: A file is created only once, when web server logging starts
LogFileSizeLimit specifies the maximum size of the log file in MB. It can
be used with any log interval (weekly, monthly, and so on). A file is created when
the maximum file size limit is reached or when the defined log interval time
elapses.
To override this behavior, specify the size as the loginterval property so that a file
is created only when the log file size limit is reached.
The default LogFileSizeLimit is 10 MB.
Example
LogFileSizeLimit 35
LogFilenameFormat specifies the file name format of the log file. The name
of the file can be of the following types:
Static: Specifies a constant string that contains the absolute path and file
name.
Date (%{format}t)
Note: For more information, see Log File Formats, on page 90 in this
chapter.
Example
LogFileNameFormat Ex%{%m%d%y}t.log
This command creates the first file name as Exmmddyy.log, then every hour
creates a file with file name: Exmmddyy.log.0, Exmmddyy.log.1,...,
Exmmddyy.log.n.
Example
LogInterval size
LogFileSize 100
LogFileNameFormat Ex%{%m%d%y}t
This command creates a log file that excludes log transactions for *.html files.
LogTime specifies log time as either GMT or LOCAL.
The defaults are:
LogInterval: Daily
LogFileSize: 10
LogFileNameFormat: Ex%{%m%d%y}t
LogTransactions: Completed.
Example 1
Filter f1 IP 192.168.10.1
This command creates a log file for server 192.168.10.1. Only the log file name
format is specified, and the rest of the default values for the log properties remain
the same.
1.
If you add multiple NetScaler IP addresses (NSIP), and later you do not want to
log all of Citrix NetScaler System log details, you can delete the NSIPs manually
by removing the NSIP statement at the end of the log.conf file. During a failover
setup, you must add both primary and secondary Netscaler IPs to log.conf
using the command. Before adding the IP address, make sure the username and
password exist on the system.
To stop web server logging started as a service in Windows, use the following
command:
nswl -stopservice
##########
# Default filter (default on)
# W3C Format logging, new file is created every hour or on reaching 10MB file size,
# and the file name is Exyymmdd.log
##########
Filter default
begin default
    logFormat           W3C
    logInterval         Hourly
    logFileSizeLimit    10
    logFilenameFormat   Ex%{%y%m%d}t.log
end default
##########
##########
# NCSA Format logging, new file is created every day midnight or on reaching 20MB file size,
# and the file name is /datadisk5/netscaler/log/NS<hostname>/Nsmmddyy.log.
# Exclude objects that end with .gif .jpg .jar.
##########
#begin ORIGIN_SERVERS
#    logFormat           NCSA
#    logInterval         Daily
#    logFileSizeLimit    40
#    logFilenameFormat   /datadisk5/ORGIN/log/%v/NS%{%m%d%y}t.log
#    logExclude
#end ORIGIN_SERVERS
##########
# NCSA Format logging, new file is created every day midnight or on reaching 20MB file size,
# and the file name is /datadisk5/netscaler/log/NS<hostname>/Nsmmddyy.log with log record timestamp as GMT.
##########
#begin CACHE_F
#    logFormat           NCSA
#    logInterval         Daily
#    logFileSizeLimit    20
#    logFilenameFormat   /datadisk5/netscaler/log/%v/NS%{%m%d%y}t.log
#    logtime             GMT
#end CACHE_F
##########
# W3C Format logging, new file on reaching 20MB and the log file path name is
# /datadisk6/netscaler/log/server's ip/Exmmyydd.log with log record timestamp as LOCAL.
##########
#begin IMAGE_SERVER
#    logFormat           W3C
#    logInterval         Size
#    logFileSizeLimit    20
#    logFilenameFormat   /datadisk6/netscaler/log/%AEx%{%m%d%y}t
#    logtime             LOCAL
#end IMAGE_SERVER
##########
# Virtual Host by Name firm, can filter out the logging based on the host name by,
##########
logFormat           W3C
logInterval         Daily
logFileSizeLimit    10
logFilenameFormat   /ns/prod/vhost/%v/Ex%{%m%d%y}t
#end VHOST_F
To use the NCSA Common log format, enter NCSA in the LogFormat argument in
the log.conf file.
The following table describes the NCSA Common log format.
Client_IP_address
User Name
Date
Time
Time Zone
Method
Object
HTTP_version
HTTP_StatusCode
Bytes Sent
For a description of the meaning of each custom format, see Custom Log
Format, on page 95 in this chapter. You can also change the order or remove
some fields in this W3C log format. For example:
logFormat W3C %{%Y-%m-%d %H:%M:%S}t %m %U
#Version: 1.0
#Fields: date time cs-method cs-uri
#Date: 12-Jun-2001 12:34
2001-06-12 12:34:23 GET /sports/football.html
2001-06-12 12:34:30 GET /sports/football.html
Entries
Entries consist of a sequence of fields relating to a single HTTP transaction.
Fields are separated by white space; Citrix recommends the use of tab characters.
If a field in a particular entry is not used, a dash - marks the omitted field.
Directives
Directives record information about the logging process. Lines beginning with
the # character contain directives.
The following table describes the directives.
Directive
Description
Version: <integer>.<integer>
Fields: [<specifier>...]
Software: <string>
Remark: <text>
Note: The Version and Fields directives are required. They precede all
other entries in the log file.
Example
The following sample log file shows the W3C Extended log format:
#Version: 1.0
#Fields: time cs-method cs-uri
Fields
The Fields directive lists a sequence of field identifiers that specify the
information recorded in each entry. Field identifiers may have one of the
following forms:
prefix(header): Specifies the value of the HTTP header field header for
transfer between parties defined by the value prefix. Fields specified in this
manner always have the type <string>.
Prefix
Specifies
Client.
Server.
Remote.
cs
Client to server.
sc
Server to client.
sr
rs
Application-specific identifier.
Examples
Identifiers
The following table describes the W3C Extended log format identifiers that do
not require a prefix.
Identifier
Description
date
time
time-taken
Specifies the time taken (in seconds) for the transaction to complete.
bytes
cached
Records whether a cache hit has occurred. A zero indicates a cache miss.
The following table describes the W3C Extended log format identifiers that
require a prefix.
Identifier
Description
IP
dns
status
comment
method
url
url-stem
url-query
The W3C Extended Log file format allows you to choose log fields. These fields
are shown in the following table:
Field
Description
Date
Time
Client IP
User Name
Service Name
Server IP
Server Port
Method
Url Stem
Url Query
Http Status
Bytes Sent
Bytes Received
Time Taken
Protocol Version
User Agent
Cookie
Referer
1.
Add the following two C functions defined by the system in a source file:
ns_userDefFieldName(): This function returns the string that must
be added as a custom field name in the log file.
3.
Link the object file with the NSWL library (and optionally, with third party
libraries) to form a new nswl executable.
4.
Example
If you want to add a digital signature at the end of each record, follow the steps in
the preceding section and define the filter in the log.conf file as described
below.
##########
# A new file is created every midnight or on reaching 20MB file size,
# and the file name is /datadisk5/netscaler/log/NS<hostname>/Nsmmddyy.log and create digital
# signature field for each record.
BEGIN CACHE_F
logFormat custom "%a - "%{user-agent}i" [%d/%B/%Y %T -%g] "%x" %s %b%{referrer}i "%{user-agent}i" "%{cookie}i" %d "
logInterval Daily
logFileSizeLimit 20
logFilenameFormat /datadisk5/netscaler/log/%v/NS%{%m%d%y}t.log
END CACHE_F
The characteristics of the request are logged by placing % directives in the format
string, which are replaced in the log file by the values.
%a
%A
%a6
%A6
%B
Specifies the bytes sent, excluding the HTTP headers (response size)
%b
Specifies the bytes received, excluding the HTTP headers (request size)
%d
%g
%h
%H
%{Foobar}i
Specifies the contents of the Foobar: header line(s) in the request sent to
the server. The system supports the User-Agent, Referer and cookie
headers. The + after the % in this format informs the logging client to
use the + as a word separator.
%j
%J
%l
%m
%M
%{Foobar}o
%p
%q
Specifies the query string [prefixed with a question mark (?) if a query
string exists]
%r
%s
For requests that were redirected internally, this is the status of the
original request
%t
%{format}t
%T
%u
Specifies the remote user (from auth; may be bogus if return status (%s)
is 401)
%U
%v
%V
This is the virtual server IPv4 address in the system, if load balancing,
content switching, and/or cache redirection is used.
%V6
This is the virtual server IPv6 address in the system, if load balancing,
content switching, and/or cache redirection is used.
For example, if you define the log format as %+{user-agent}i, and if the
user agent value is Citrix Netscaler system Web Client, then the information is
logged as Citrix Netscaler system +Web+Client. An alternative is to use
double quotation marks (for example, "%{user-agent}i"), in which case the value
is logged as "Citrix Netscaler system Web Client". Do not use the <Esc> key on
strings from %...r, %...i, and %...o. This complies with the requirements of the
Common Log Format. Note that clients can insert control characters into the log.
Therefore, you should take care when working with raw log files.
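A reader for raw NCSA-format log files that treats client-supplied fields as untrusted, added here as an example (it is not Citrix code). It assumes the standard NCSA Common layout for the fields listed in this chapter; the sample records and addresses are constructed.

```python
import re

# Assumed NCSA Common layout (standard form of the fields listed in this chapter):
# ip - user [dd/Mon/yyyy:HH:MM:SS zone] "METHOD object HTTP/x.y" status bytes
NCSA_RE = re.compile(
    rb'^(?P<client_ip>\S+) \S+ (?P<user>\S+) '
    rb'\[(?P<timestamp>[^\]]+)\] '
    rb'"(?P<request>.*)" (?P<status>\d{3}) (?P<bytes_sent>\d+|-)$'
)

# Constructed sample: one clean record, one whose request carries a terminal
# escape sequence, and one whose request carries a bare CR followed by text
# shaped like a second record.
SAMPLE = (
    b'192.0.2.10 - alice [12/Jun/2001:12:34:23 -0700] '
    b'"GET /sports/football.html HTTP/1.1" 200 2326\n'
    b'192.0.2.66 - - [12/Jun/2001:12:34:30 -0700] '
    b'"GET /a\x1b[2J HTTP/1.1" 404 0\n'
    b'192.0.2.66 - - [12/Jun/2001:12:34:31 -0700] '
    b'"GET /b\r198.51.100.7 - admin [12/Jun/2001:12:34:32 -0700] '
    b'"GET /ok HTTP/1.1" 200 10\n'
)


def neutralize(value):
    """Render bytes as printable ASCII; report whether control bytes were seen.

    Every byte outside 0x20-0x7e, and the backslash itself, becomes \\xNN so
    the output is unambiguous and safe to print to a terminal.
    """
    out = []
    has_control = False
    for b in value:
        if b < 0x20 or b == 0x7F:
            has_control = True
        if 0x20 <= b < 0x7F and b != 0x5C:
            out.append(chr(b))
        else:
            out.append("\\x%02x" % b)
    return "".join(out), has_control


def parse_records(raw):
    """Split a raw log buffer into records and neutralize every field."""
    records = []
    # Split on LF only: splitlines() also breaks on a bare CR (and, for str,
    # on VT, FF and other separators), which would turn one record into two.
    for lineno, line in enumerate(raw.split(b"\n"), 1):
        if line.endswith(b"\r"):
            line = line[:-1]  # tolerate CRLF line endings
        if not line:
            continue
        match = NCSA_RE.match(line)
        if match is None:
            text, _ = neutralize(line)
            records.append({"line": lineno, "malformed": True, "raw": text})
            continue
        rec = {"line": lineno, "malformed": False, "suspicious": False}
        for name, value in match.groupdict().items():
            text, has_control = neutralize(value)
            rec[name] = text
            rec["suspicious"] |= has_control
        records.append(rec)
    return records


if __name__ == "__main__":
    for rec in parse_records(SAMPLE):
        flag = "!" if rec.get("suspicious") or rec["malformed"] else " "
        print(flag, rec["line"], rec.get("client_ip"), rec.get("request", rec.get("raw")))
```

The third sample record stays a single record attributed to 192.0.2.66; a reader built on splitlines() would report it as two.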
%%
%a
Specifies the abbreviated name of the week day for the locale.
%A
Specifies the full name of the week day for the locale.
%b
%B
%C
Specifies the century number (the year divided by 100 and truncated to an integer
as a decimal number [1,99]); single digits are preceded by a 0.
%d
%e
Specifies the day of month [1,31]; single digits are preceded by a blank.
%h
%H
Specifies the hour (24-hour clock) [0,23]; single digits are preceded by a 0.
%I
Specifies the hour (12-hour clock) [1,12]; single digits are preceded by a 0.
%j
Specifies the number of the day in the year [1,366]; single digits are preceded by 0.
%k
Specifies the hour (24-hour clock) [0,23]; single digits are preceded by a blank.
%l
Specifies the hour (12-hour clock) [1,12]; single digits are preceded by a blank.
%m
Specifies the number of the month in the year [1,12]; single digits are preceded by
a 0.
%M
%n
%p
%r
Specifies the appropriate time representation in 12-hour clock format with %p.
%S
Specifies the seconds [00,61]; the range of values is [00,61] rather than [00,59] to
allow for the occasional leap second and for the double leap second.
%t
Inserts a tab.
%u
%U
Specifies the number of the week in the year as a decimal number [00,53], with
Sunday as the first day of week 1.
%w
%W
Specifies the number of the week in the year as a decimal number [00,53].
Monday is the first day of week 1.
%y
%Y
Note: If you specify a conversion that does not correspond to any of the ones
described in the preceding table, or to any of the modified conversion
specifications listed in the next paragraph, the behavior is undefined and returns
0.
The difference between %U and %W (and also between modified conversions %OU
and %OW) is the day considered to be the first day of the week. Week number 1 is
the first week in January (starting with a Sunday for %U, or a Monday for %W).
Week number 0 contains the days before the first Sunday or Monday in January
for %U and %W.
Make sure that the Citrix NetScaler system user name and password are
valid.
2.
3.
Make sure that the Netscaler is accessible from the logging system by doing
the following:
CHAPTER 5
Advanced Configurations
You can configure network time protocol to synchronize the NetScaler's local
clock with the other servers on the network. If you enable PMTU discovery, the
NetScaler can use it to determine the maximum transmission unit of any Internet
channel. For more efficient data transfer, you can configure TCP window scaling
and selective acknowledgement. You can clear any basic or extended
configuration on your NetScaler.
In This Chapter
Configuring Clock Synchronization
Path Maximum Transmission Unit Discovery
Configuring TCP Window Scaling
Configuring Selective Acknowledgement
Clearing the Configuration
1.
2.
3.
4.
Copy the ntp.conf file from the /etc directory to the /nsconfig
directory. If it already exists in the /nsconfig directory, be sure to
remove the following entries from the ntp.conf file:
restrict localhost
restrict 127.0.0.2
These entries are required only if you want to run the device as a time
server, and this feature is not supported on the NetScaler.
5.
Edit /nsconfig/ntp.conf and add the IP address for the desired NTP
server under the file's server and restrict entries.
7.
8.
Note: If you want to start the time synchronization process but restart the
NetScaler at a later time, run the following command from the shell prompt:
/usr/sbin/ntpd -c /nsconfig/ntp.conf -l /var/log/ntpd.log &
This command starts the time synchronization process. If you want the process to
start every time the NetScaler is restarted, add it to the rc.netscaler file, as
described in step 6.
If you do not have a local NTP server, you can find a list of public, open access,
NTP servers at the official NTP site, http://www.ntp.org, under Public Time
Servers List. Before configuring your NetScaler to use a public NTP server, be
sure to read the Rules of Engagement page (link included on all Public Time
Servers pages).
Specifies
NTP Server
Minimum Poll
Interval
Maximum Poll
Interval
1.
In the navigation pane, expand System, and then click NTP Servers.
2.
3.
In the Create NTP Server dialog box, in the NTP Server text box, type
either the IP address or the name of the NTP server (for example, 1.2.3.4).
4.
In the Minimum Poll text box, type the minimum time interval after which
you want the NTP server to poll the NTP messages (for example, 5).
5.
In the Maximum Poll text box, type the maximum time interval after
which you want the NTP server to poll the NTP messages (for example,
11).
6.
Example
add ntp server 1.2.3.4 -minpoll 5 -maxpoll 11
1.
In the navigation pane, expand System, and then click NTP Servers.
2.
On the NTP Servers page, click the NTP server that you want to modify,
and then click Open.
3.
In the Configure NTP Server dialog box, in the Minimum Poll text box,
change the minimum time interval after which you want the NTP server to
poll the NTP messages (for example, 7).
4.
In the Maximum Poll text box, change the maximum time interval after
which you want the NTP server to poll the NTP messages (for example, 9).
5.
Click Ok.
Example
set ntp server 1.2.3.4 -minpoll 7 -maxpoll 9
1.
In the navigation pane, expand System, and then click NTP Servers.
2.
On the NTP Servers page, click the NTP server that you want to remove,
and then click Remove.
3.
Example
rm ntp server 1.2.3.4
1.
In the navigation pane, expand System, and then click NTP Servers.
2.
On the NTP Servers page, you can view all the NTP servers that you have
added.
1.
In the navigation pane, expand System, and then click NTP Servers.
2.
or
disable ntp sync
For client connections, the NetScaler uses a Maximum Segment Size (MSS) of
1460 bytes. If the network contains a router that fragments the packet into
multiple datagrams because of MTU mismatches, the router sends an ICMP error
to the NetScaler. The NetScaler does not pass the error to the servers it manages,
but parses it and determines an MTU appropriate for that particular client.
The NetScaler then updates the MTU database with the lower MTU. Thereafter, it
uses the new MTU value for all new connections to that client.
1.
2.
On the Settings page, under Modes & Features click Change modes.
3.
In the Configure Modes dialog box, select the Path MTU Discovery
check box to enable this feature, or clear the check box to disable it, and
click OK
or
disable ns mode PMTUD
The window size field in the TCP header is 16 bits, which limits the ability of the
sender to advertise a window size larger than 65535 (2^16 - 1). The TCP window
scale extension expands the definition of the TCP window to 30 bits by using a
scale factor to carry this value in the 16 bit window field of the TCP header. In the
NetScaler, the window scale expands the definition of the TCP window to 24 bits.
The scale factor is carried in the new TCP window scale field. This field is sent
only in a SYN packet (a segment with the SYN bit on).
The new window size is calculated by the receiver:
[left shifting the bits of the received window size by the scale factor value]
which is equivalent to
[(2^scale factor) * received window size]
Before configuring window scaling, make sure that:
You do not set a high value for the Scale Factor, because this could have
adverse effects on the NetScaler and the network.
You do not configure window scaling unless you clearly know why you
want to change the window size.
Both hosts in the TCP connection send a window scale option during
connection establishment. If only one side of a connection sets this
option, window scaling will not be used for the connection.
Each connection for the same session (such as the TCP session between the
client and the NetScaler and the TCP session between the NetScaler and the
server that have the same request/response) is an independent window
scaling session. It is possible to have window scaling between the client and
a Citrix NetScaler and not between the Citrix NetScaler and a server.
By default, window scaling is not enabled. The following table describes the
parameters used to configure window scaling:
Parameters
Specifies
Windows scaling
factor
1.
2.
On the Settings page, under Global Settings, click Change global system
settings.
3. In the Configure Global Settings dialog box, under TCP, select the
Windows Scaling checkbox.
4. In the Factor textbox, type a windows scaling factor (for example, 5).
5. Click OK.
Example
set ns tcpParam -WS ENABLED -WSVal 5
1.
2.
On the Settings page, under Global Settings, click Change global system
settings.
3.
Example
set ns tcpParam -SACK ENABLED
Network settings (Default Gateway, VLAN, RHI, NTP, and DNS settings)
HA node definitions
Network settings (Default Gateway, VLAN, RHI, NTP, and DNS settings)
HA node definitions
1.
2.
3.
4.
Click Run.
Example
clear ns config basic
CHAPTER 6
Reporting Tool
The Reporting tool of Citrix NetScaler provides built-in reports that display
statistics collected by the nscollect utility. You can also create custom
reports. The reports use charts to display the statistics. You can modify the charts
and add new charts. You can also modify the operation of the nscollect utility
and stop or start its operation.
In This Chapter
Using the Reporting Tool
How Data Collection Works
1.
Use the Web browser of your choice to connect to the IP address of the
NetScaler (for example, http://10.102.29.170/).
The Web Logon screen appears.
2.
In the User Name text box, type the user name assigned to your NetScaler.
3.
4.
5.
After you have logged in, the reporting tool page appears as follows.
Navigation Pane
Details Pane
Report Toolbar
Chart Toolbar
Navigation Pane: The navigation pane extends down the left side of the screen. It
has two sections for each type of report: Custom Reports and Built-in Reports.
Under Custom Reports, you can access custom reports you create. Under Built-in
Reports, a collapsible menu contains links to different categories of built-in
reports. To view a report, click the report, and it appears in the right pane, which
is also called the details pane.
Details Pane: The details pane is the right portion of the Reporting page, which
displays the report you clicked in the navigation pane. You can modify a report,
create custom reports, and view reports for different time intervals using various
options available in the details pane.
Report Toolbar: You can use the options on the report toolbar in the details pane
to do the following:
Delete reports
Change the settings of the reports and select a different data source
Chart Toolbar: Each report is a collection of charts. Beneath each chart is a chart
toolbar with options for changing the chart to a different type or charting different
counters. The chart toolbar also has icons for adding a new chart, deleting a chart,
or moving the chart up or down within the report. For more information on charts,
see Working with Charts, on page 120.
Action
Refresh
Set as default
Remove as default
Save as
Save
1.
2.
Click a report (for example, CPU vs. Memory Usage and HTTP
Requests Rate).
Creating a Report
Use the Create function to create a new custom report, or use the Save As
function to save an existing report as a custom report.
1.
Create or
Save As.
2.
In the Report Name box, type a name for the custom report, and then click
OK.
Displays
Last hour
Last day
Last week
Last month
Last year
1.
2.
In the details pane, on the report toolbar, click a time period (for example,
Hour, Day, Week, Month, Year, and Custom).
1.
2.
In the Settings dialog box, in Data Source, select the data source from
which you want to retrieve the counter information.
3.
Select the Remember time selection for charts check box if you want to
apply the time interval of the currently displayed report to all the existing
reports.
4.
Select the Use Appliances time zone check box if you want the reports to
use the time settings of your NetScaler appliance.
5.
Click OK.
Adding a Chart
When you add a chart to a report, the System Overview chart appears with the
CPU Usage counter plotted for the last one hour. To plot a different group of
statistics or select a different counter, see Modifying a Chart, on page 120.
Note: If you add charts in a built-in report, you must save the report as a custom
report.
Use the following procedure to add a chart in a report.
To add a chart
1.
2. In the details pane, on the toolbar for the chart beneath which you want to add the new chart, click the Add icon.
Modifying a Chart
You can modify a chart by changing the functional group for which the statistics
are displayed, and by selecting different counters.
To modify a chart
1.
2. In the details pane, on the toolbar for the chart that you want to modify, click Counters.
3. In the dialog box that appears, in the Chart Title box, type a name for the chart.
4.
5. In the Counters area, under Available, click the counter name(s) you want to plot, and then click the > button.
6. If you selected System entities statistics in step 4, click the Entities tab and, under Available, click the entity instance name(s) you want to plot, and then click the > button.
7. Click OK.
Displays statistics as
Line
Line chart
Area
Area chart
Bar
Bar chart
Stacked Area
Stacked Bar
1.
2. In the details pane, under the chart you want to view, on the chart toolbar, click a graph type, such as Area and Bar.
Note: If you have selected a built-in report, you need to save this report as a custom report, or the changes will be lost.
Deleting a Chart
If you do not want to use a chart, you can remove it from the report. You can
permanently remove charts from custom reports only. If you delete a chart from
a built-in report, you need to save the report as a custom report.
To delete a chart
1.
2. In the details pane, on the toolbar for the chart that you want to delete, click the Delete icon.
Examples
To display the trend report for CPU usage and memory usage for the last
one day.
1.
2. Click report CPU vs. Memory Usage and HTTP Requests Rate.
3. On the report toolbar, click a time period (for example, Day).
To compare bytes received rate and bytes transmitted rate between two
interfaces for the last week
1.
Create.
2. In the Report Name box, type a name for the custom report (for example, Custom_Interfaces), and then click OK.
The report is created with the default System Overview chart, which displays the CPU Usage counter plotted for the last hour.
3. In the details pane, under System Overview, on the chart toolbar, click Counters.
4. In the counter selection pane, in the Chart title box, type a name for the chart (for example, Interfaces_bytes_received_and_transmitted).
5. In Plot chart for, click System entities statistics, and then in Select Group, select Interface.
6. In Entities, click the interface name(s) you want to plot (for example, 1/1 and 1/2), and then click the > button.
7. In Counters, click the counter name(s) you want to plot (for example, Bytes received (Rate) and Bytes transmitted (Rate)), and then click the > button.
8. Click OK.
9.
Limit
100
50
DOS Policies
100
GSLB Domains
100
GSLB Services
100
GSLB Sites
32
100
Interfaces
LB Virtual Servers
100
ACLs
100
ACL6
50
100
RNAT IP Addresses
100
SureConnect Policies
100
Services
250
Service Groups
100
System CPU
VLAN
25
To stop nscollect
You can start nscollect on either the local system or a remote system.
To start nscollect on the local system
Example
/netscaler/nscollect start -U 10.102.29.170:nsroot:nsroot -ds default
Example
/netscaler/nscollect import -file newnslog.24 -ds default
/netscaler/nscollect import -file FileName -ds DataSourceName -starttime MMDDYYYYHHMM -endtime MMDDYYYYHHMM
Example
/netscaler/nscollect import -file newnslog.3 -ds default -starttime 112220080735 -endtime 112320080735
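The MMDDYYYYHHMM layout used by -starttime and -endtime puts the month first, so two raw values do not compare chronologically across a year boundary. The following is an added example, not part of the guide: it checks both bounds and prints the import command only for a well-formed window. The function names ns_sortable and ns_import_cmd are hypothetical, and the rule that the start must precede the end is an assumption.

```shell
# Added example (not from the guide): validate the -starttime/-endtime window
# of an nscollect import before running it. Function names are hypothetical.

# Convert MMDDYYYYHHMM into a sortable YYYYMMDDHHMM key; return 1 if malformed.
ns_sortable() {
    ts=$1
    case $ts in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#ts}" -eq 12 ] || return 1
    mm=$(printf '%s' "$ts" | cut -c1-2)
    dd=$(printf '%s' "$ts" | cut -c3-4)
    yyyy=$(printf '%s' "$ts" | cut -c5-8)
    hh=$(printf '%s' "$ts" | cut -c9-10)
    mi=$(printf '%s' "$ts" | cut -c11-12)
    # test(1) compares as decimal, so "08" and "09" are not read as octal.
    [ "$mm" -ge 1 ] && [ "$mm" -le 12 ] || return 1
    [ "$hh" -le 23 ] && [ "$mi" -le 59 ] || return 1
    [ "$yyyy" -ge 1000 ] || return 1   # assumed sanity bound; no leading zeros
    case $mm in
        04|06|09|11) dim=30 ;;
        02) dim=28
            if [ $((yyyy % 4)) -eq 0 ] && { [ $((yyyy % 100)) -ne 0 ] || [ $((yyyy % 400)) -eq 0 ]; }; then
                dim=29
            fi ;;
        *) dim=31 ;;
    esac
    [ "$dd" -ge 1 ] && [ "$dd" -le "$dim" ] || return 1
    printf '%s%s%s%s%s\n' "$yyyy" "$mm" "$dd" "$hh" "$mi"
}

# Print the import command for a validated window; non-zero status on bad input.
ns_import_cmd() {
    file=$1 ds=$2 start=$3 end=$4
    s=$(ns_sortable "$start") || { echo "bad -starttime: $start" >&2; return 1; }
    e=$(ns_sortable "$end") || { echo "bad -endtime: $end" >&2; return 1; }
    # Assumption: an import window must start before it ends.
    [ "$s" -lt "$e" ] || { echo "-starttime must precede -endtime" >&2; return 1; }
    printf '/netscaler/nscollect import -file %s -ds %s -starttime %s -endtime %s\n' \
        "$file" "$ds" "$start" "$end"
}
```

Called with the values from the example above (newnslog.3, default, 112220080735, 112320080735), ns_import_cmd prints that same command line; a reversed window or an impossible date such as 022920090000 is rejected.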
Example
/netscaler/nscollect import -file newnslog.15 -ds default -clean