...
Property | Default Value | Description |
Protocol | UDP | The default protocol for syslog. The collector can also accept logs in TCP. |
Port | 514 | The default port for UDP. For TCP, the default port is 601. |
IP Address | Citrix NetScaler IP Address | Logging device IP address mentioned in the Pre-Installation Questionnaire (PIQ). |
Signatures | AAA EXTRACTED_GROUPS,AAA LOGIN_FAILED,AAA EXTRACTED_GROUPS, UI CMD_EXECUTED, SSLVPN LOGIN, SSLVPN LOGOUT SSLVPN ICASTART, SSLVPN ICAEND_CONNSTAT, SSLVPN TCPCONNSTAT, SSLVPN TCPCONN_TIMEDOUT SSLVPN UDPFLOWSTAT, SSLVPN HTTPREQUEST, SSLVPN NONHTTP_RESOURCEACCESS_DENIED SSLVPN HTTP_RESOURCEACCESS_DENIED, SSLVPN CLISEC_CHECK, SSLVPN CLISEC_EXP_EVALEVENT DEVICEUP EVENT DEVICEDOWN, SNMP TRAP_SENT, EVENT MONITORUP, EVENT MONITORDOWN, APPFW APPFW_STARTURL, APPFW APPFW_DENYURL APPFW APPFWMessage,AAATM HTTP_RESOURCEACCESS_DENIED,AAATM LOGIN,AAATM LOGOUT,AAATM Message,ACL ACL_PKT_LOG,ACL ACL6_PKT_LOG,ALG ALG_,API CMD_EXECUTED,APPFW AF_400_RESP,APPFW AF_MALFORMED_REQ_ERR,APPFW AF_,APPFW APPFW_BUFFEROVERFLOW_COOKIE,APPFW APPFW_BUFFEROVERFLOW_COOKIEHDR,APPFW APPFW_BUFFEROVERFLOW_URL,APPFW APPFW_BUFFEROVERFLOW_HDRCOOKIE,APPFW APPFW_CSRF_SAFECOMMERCETAG,APPFW APPFW_SAFEOBJECTDENYURL,APPFW APPFW_FIELDCONSISTENCY,APPFW APPFW_FIELDFORMAT,APPFW APPFW_POLICY_HIT,APPFW APPFW_POLICY_HIT_BUILTIN,APPFW APPFW_CSRFREFERER_TAGHEADER,APPFW APPFW_XSSSAFECOMMERCE,APPFW APPFW_SQLSAFEOBJECT,APPFW APPFW_XML_ERR_NOT_WELLFORMEDSIGNATURE_MATCH,APPFW APPFW_SQL,APPFW APPFW_STARTURL,APPFW APPFW_XML_DOS_ERR_MAX_NAMESPACES,APPFW APPFW_XML_XSS_ERR_NOT_WELLFORMED,APPFW APPFW_XML_SQL, APPFW AF_400_RESPAPPFW APPFW_XML_VALIDATION_ERR_INVALID_ELEMENT,APPFW APPFW_POLICY_HITXML_WSI_ERR_BODY_ENV_NAMESPACE,APPFW APPFW_POLICY_HIT_BUILTINXML_XSS,APPFW APPFW_XSS,APPFW APPFW_SIGNATURE_MATCHAPPFW ,APPFW Message,APPFW_XMLRESP AF_VALIDATION_ERR_INVALID_ELEMENT APPFW APPFW,APPFW_RESP APPFW_XML_WSI_ERR_BODY_ENV_NAMESPACENOT_WELLFORMED,APPFW_RESP APPFW_XML_VALIDATION_ERR_INVALID_ELEMENT,APPFW_RESP APPFW_XML_WSI_ERR_BODY_ENV_NAMESPACE,APPFW_RESP APPFW_FIELDFORMAT, APPFW APPFW_REFERER_HEADER, APPFW AF_MALFORMED_REQ_ERRAPPFW_RESP APPFW_XML_ERR_NOT_WELLFORMED, GUI BOT BOT_,CI ICAP_LOG,CI ICAPC_LOG,CI INLINE_INSPECTION_LOG,CI TRAFFIC_MIRROR_LOG,CLI CMD_EXECUTED, CLI CONSOLE CMD_EXECUTED, EVENTSTARTSAVECONFIG, EVENT STOPSAVECONFIG,DNS DNS_,EVENT ALERTENDED,EVENT ALERTSTARTED,EVENT BACKUPMEP6DOWN,EVENT BACKUPMEP6UP,EVENT BACKUPMEPDOWN,EVENT BACKUPMEPUP,EVENT CACHESTARTFLUSH,EVENT CACHESTOPFLUSH,EVENT CONFIGEND,EVENT CONFIGSTART,EVENT DEVICEDOWN,EVENT DEVICEOFS,EVENT DEVICEUP,EVENT DHCPCAQUIRE,EVENT DHCPCDEPENDPBR,EVENT DHCPCRELEASE,EVENT DHCPSVRERR,EVENT FREEBADMEM,EVENT FREEDUPMEM,EVENT FREEEXTMEM,EVENT MEPDOWN,EVENT MEPUP,EVENT MONITORDOWN,EVENT MONITORTH,EVENT MONITORUP,EVENT NICHANG,EVENT NICLACPSC,EVENT NICLOW_THROUGHPUT,EVENT NICMIGRATE,EVENT NICNORMAL_THROUGHPUT,EVENT NICPOWEROFF,EVENT NICPOWERON,EVENT NICRESET,EVENT NICSTART,EVENT NICSTOP,EVENT NWMEPDOWN,EVENT NWMEPUP,EVENT PROPFAIL,EVENT PROPSUCCESS,EVENT ROUTE6DOWN,EVENT ROUTE6UP,EVENT ROUTEDOWN,EVENT ROUTEUP,EVENT STARTCPU,EVENT STARTSAVECONFIG,EVENT STARTSYS,EVENT STOPSAVECONFIG,EVENT STOPSYS,EVENT VIPRHIDOWN,EVENT VIPRHIUP,EVENT VRID6DOWN,EVENT VRIDDOWN,EVENT VRIDINIT,EVENT VRIDUP,GUI CMD_EXECUTED,ICA Message,LSN PPTP_LOG,LSN LSN_,NSIP6 IPV6_DUPLICATED,PITBOSS PB_,PITBOSS PITBOSS,ROUTING ROUTE_,ROUTING ZEBOS_,SNMP TRAP_,SNMP TRAP_SENT,SSLI BYPASS_LOG,SSLI DROPPED_LOG,SSLI INTERCEPT_LOG,SSLLOG SSL_,SSLVPN CLISEC_CHECK,SSLVPN CLISEC_EXP_EVAL,SSLVPN HTTP_RESOURCEACCESS_DENIED,SSLVPN HTTPREQUEST,SSLVPN ICAEND_CONNSTAT,SSLVPN ICASTART,SSLVPN LICLMT_REACHED,SSLVPN LOGIN,SSLVPN LOGOUT,SSLVPN Message,SSLVPN NONHTTP_RESOURCEACCESS_DENIED,SSLVPN STA_VALIDATE_RESP,SSLVPN TCPCONN_TIMEDOUT,SSLVPN TCPCONNSTAT,SSLVPN UDPFLOWSTAT,SUBSCRIBER SESSION_,TCP CONN_,TCP NAT_,TCP OTHERCONN_,TRANSFORM PCRE_ERROR,TRANSFORM REQ_,UI CMD_EXECUTED,URLFILT URLFILT_LOG | MDR recommended signatures processed by the Citrix NetScaler event collector. |
...