Skip to content
Was this article helpful?

appflow-param

The following operations can be performed on "appflow-param":

set| unset| show|

set appflow param

Configures AppFlow parameters.

Synopsis

set appflow param [-templateRefresh <secs>] [-appnameRefresh <secs>] [-flowRecordInterval <secs>] [-SecurityInsightRecordInterval <secs>] [-udpPmtu <positive_integer>] [-httpUrl ( ENABLED | DISABLED )] [-AAAUserName ( ENABLED | DISABLED )] [-httpCookie ( ENABLED | DISABLED )] [-httpReferer ( ENABLED | DISABLED )] [-httpMethod ( ENABLED | DISABLED )] [-httpHost ( ENABLED | DISABLED )] [-httpUserAgent ( ENABLED | DISABLED )] [-clientTrafficOnly ( YES | NO )] [-httpContentType ( ENABLED | DISABLED )] [-httpAuthorization ( ENABLED | DISABLED )] [-httpVia ( ENABLED | DISABLED )] [-httpXForwardedFor ( ENABLED | DISABLED )] [-httpLocation ( ENABLED | DISABLED )] [-httpSetCookie ( ENABLED | DISABLED )] [-httpSetCookie2 ( ENABLED | DISABLED )] [-connectionChaining ( ENABLED | DISABLED )] [-httpDomain ( ENABLED | DISABLED )] [-skipCacheRedirectionHttpTransaction ( ENABLED | DISABLED )] [-identifierName ( ENABLED | DISABLED )] [-identifierSessionName ( ENABLED | DISABLED )] [-observationDomainId <positive_integer>] [-observationDomainName <string>] [-subscriberAwareness ( ENABLED | DISABLED )] [-subscriberIdObfuscation ( ENABLED | DISABLED ) [-subscriberIdObfuscationAlgo ( MD5 | SHA256 )]] [-gxSessionReporting ( ENABLED | DISABLED )] [-SecurityInsightTraffic ( ENABLED | DISABLED )] [-cacheInsight ( ENABLED | DISABLED )] [-videoInsight ( ENABLED | DISABLED )] [-httpQueryWithUrl ( ENABLED | DISABLED )] [-urlCategory ( ENABLED | DISABLED )] [-lsnLogging ( ENABLED | DISABLED )] [-cqaReporting ( ENABLED | DISABLED )] [-emailAddress ( ENABLED | DISABLED )] [-usageRecordInterval <secs>] [-metrics ( ENABLED | DISABLED )] [-events ( ENABLED | DISABLED )] [-auditlogs ( ENABLED | DISABLED )] [-observationPointId <positive_integer>] [-distributedTracing ( ENABLED | DISABLED )] [-distTracingSamplingRate <positive_integer>] [-tcpAttackCounterInterval <secs>] [-logstreamOverNSIP ( ENABLED | DISABLED )] [-AAAInsight ( ENABLED | DISABLED )]

Arguments

templateRefresh

Refresh interval, in seconds, at which to export the template data. Because data transmission is in UDP, the templates must be resent at regular intervals. Default value: 600 Minimum value: 60 Maximum value: 3600

appnameRefresh

Interval, in seconds, at which to send Appnames to the configured collectors. Appname refers to the name of an entity (virtual server, service, or service group) in the Citrix ADC. Default value: 600 Minimum value: 60 Maximum value: 3600

flowRecordInterval

Interval, in seconds, at which to send flow records to the configured collectors. Default value: 60 Minimum value: 60 Maximum value: 3600

SecurityInsightRecordInterval

Interval, in seconds, at which to send security insight flow records to the configured collectors. Default value: 600 Minimum value: 60 Maximum value: 3600

udpPmtu

MTU, in bytes, for IPFIX UDP packets. Default value: 1472 Minimum value: 128 Maximum value: 1472

httpUrl

Include the http URL that the Citrix ADC received from the client.

Possible values: ENABLED, DISABLED Default value: DISABLED

AAAUserName

Enable AppFlow AAA Username logging.

Possible values: ENABLED, DISABLED Default value: DISABLED

httpCookie

Include the cookie that was in the HTTP request the appliance received from the client.

Possible values: ENABLED, DISABLED Default value: DISABLED

httpReferer

Include the web page that was last visited by the client.

Possible values: ENABLED, DISABLED Default value: DISABLED

httpMethod

Include the method that was specified in the HTTP request that the appliance received from the client.

Possible values: ENABLED, DISABLED Default value: DISABLED

httpHost

Include the host identified in the HTTP request that the appliance received from the client.

Possible values: ENABLED, DISABLED Default value: DISABLED

httpUserAgent

Include the client application through which the HTTP request was received by the Citrix ADC.

Possible values: ENABLED, DISABLED Default value: DISABLED

clientTrafficOnly

Generate AppFlow records for only the traffic from the client.

Possible values: YES, NO Default value: NO

httpContentType

Include the HTTP Content-Type header sent from the server to the client to determine the type of the content sent.

Possible values: ENABLED, DISABLED Default value: DISABLED

httpAuthorization

Include the HTTP Authorization header information.

Possible values: ENABLED, DISABLED Default value: DISABLED

httpVia

Include the httpVia header which contains the IP address of proxy server through which the client accessed the server.

Possible values: ENABLED, DISABLED Default value: DISABLED

httpXForwardedFor

Include the httpXForwardedFor header, which contains the original IP Address of the client using a proxy server to access the server.

Possible values: ENABLED, DISABLED Default value: DISABLED

httpLocation

Include the HTTP location headers returned from the HTTP responses.

Possible values: ENABLED, DISABLED Default value: DISABLED

httpSetCookie

Include the Set-cookie header sent from the server to the client in response to a HTTP request.

Possible values: ENABLED, DISABLED Default value: DISABLED

httpSetCookie2

Include the Set-cookie header sent from the server to the client in response to a HTTP request.

Possible values: ENABLED, DISABLED Default value: DISABLED

connectionChaining

Enable connection chaining so that the client server flows of a connection are linked. Also the connection chain ID is propagated across Citrix ADCs, so that in a multi-hop environment the flows belonging to the same logical connection are linked. This id is also logged as part of appflow record

Possible values: ENABLED, DISABLED Default value: DISABLED

httpDomain

Include the http domain request to be exported.

Possible values: ENABLED, DISABLED Default value: DISABLED

skipCacheRedirectionHttpTransaction

Skip Cache http transaction. This HTTP transaction is specific to Cache Redirection module. In Case of Cache Miss there will be another HTTP transaction initiated by the cache server.

Possible values: ENABLED, DISABLED Default value: DISABLED

identifierName

Include the stream identifier name to be exported.

Possible values: ENABLED, DISABLED Default value: DISABLED

identifierSessionName

Include the stream identifier session name to be exported.

Possible values: ENABLED, DISABLED Default value: DISABLED

observationDomainId

An observation domain groups a set of Citrix ADCs based on deployment: cluster, HA etc. A unique Observation Domain ID is required to be assigned to each such group. Default value: 0 Minimum value: 1000

observationDomainName

Name of the Observation Domain defined by the observation domain ID.

subscriberAwareness

Enable this option for logging end user MSISDN in L4/L7 appflow records

Possible values: ENABLED, DISABLED Default value: DISABLED

subscriberIdObfuscation

Enable this option for obfuscating MSISDN in L4/L7 appflow records

Possible values: ENABLED, DISABLED Default value: DISABLED

subscriberIdObfuscationAlgo

Algorithm(MD5 or SHA256) to be used for obfuscating MSISDN

Possible values: MD5, SHA256 Default value: MD5

gxSessionReporting

Enable this option for Gx session reporting

Possible values: ENABLED, DISABLED Default value: DISABLED

SecurityInsightTraffic

Enable/disable the feature individually on appflow action.

Possible values: ENABLED, DISABLED Default value: DISABLED

cacheInsight

Flag to determine whether cache records need to be exported or not. If this flag is true and IC is enabled, cache records are exported instead of L7 HTTP records

Possible values: ENABLED, DISABLED Default value: DISABLED

videoInsight

Enable/disable the feature individually on appflow action.

Possible values: ENABLED, DISABLED Default value: DISABLED

httpQueryWithUrl

Include the HTTP query segment along with the URL that the Citrix ADC received from the client.

Possible values: ENABLED, DISABLED Default value: DISABLED

urlCategory

Include the URL category record.

Possible values: ENABLED, DISABLED Default value: DISABLED

lsnLogging

On enabling this option, the Citrix ADC will send the Large Scale Nat(LSN) records to the configured collectors.

Possible values: ENABLED, DISABLED Default value: DISABLED

cqaReporting

TCP CQA reporting enable/disable knob.

Possible values: ENABLED, DISABLED Default value: DISABLED

emailAddress

Enable AppFlow user email-id logging.

Possible values: ENABLED, DISABLED Default value: DISABLED

usageRecordInterval

On enabling this option, the NGS will send bandwidth usage record to configured collectors. Default value: 0 Minimum value: 0 Maximum value: 7200

metrics

Enable Citrix ADC Stats to be sent to the Telemetry Agent

Possible values: ENABLED, DISABLED Default value: DISABLED

events

Enable Events to be sent to the Telemetry Agent

Possible values: ENABLED, DISABLED Default value: DISABLED

auditlogs

Enable Auditlogs to be sent to the Telemetry Agent

Possible values: ENABLED, DISABLED Default value: DISABLED

observationPointId

An observation point ID is identifier for the NetScaler from which appflow records are being exported. By default, the NetScaler IP is the observation point ID. Minimum value: 1

distributedTracing

Enable generation of the distributed tracing templates in the Appflow records

Possible values: ENABLED, DISABLED Default value: DISABLED

distTracingSamplingRate

Sampling rate for Distributed Tracing Default value: 0 Minimum value: 0 Maximum value: 100

tcpAttackCounterInterval

Interval, in seconds, at which to send tcp attack counters to the configured collectors. If 0 is configured, the record is not sent. Default value: 0 Maximum value: 3600

logstreamOverNSIP

To use the Citrix ADC IP to send Logstream records instead of the SNIP

Possible values: ENABLED, DISABLED Default value: DISABLED

AAAInsight

Enable/Disable AAA insights.

Possible values: ENABLED, DISABLED Default value: DISABLED

Example

set appflow param -templateRefresh 240

unset appflow param

Use this command to remove appflow param settings.Refer to the set appflow param command for meanings of the arguments.

Synopsis

unset appflow param [-templateRefresh] [-appnameRefresh] [-flowRecordInterval] [-SecurityInsightRecordInterval] [-udpPmtu] [-httpUrl] [-AAAUserName] [-httpCookie] [-httpReferer] [-httpMethod] [-httpHost] [-httpUserAgent] [-clientTrafficOnly] [-httpContentType] [-httpAuthorization] [-httpVia] [-httpXForwardedFor] [-httpLocation] [-httpSetCookie] [-httpSetCookie2] [-connectionChaining] [-httpDomain] [-skipCacheRedirectionHttpTransaction] [-identifierName] [-identifierSessionName] [-observationDomainId] [-observationDomainName] [-subscriberAwareness] [-subscriberIdObfuscation] [-subscriberIdObfuscationAlgo] [-gxSessionReporting] [-SecurityInsightTraffic] [-cacheInsight] [-videoInsight] [-httpQueryWithUrl] [-urlCategory] [-lsnLogging] [-cqaReporting] [-emailAddress] [-usageRecordInterval] [-metrics] [-events] [-auditlogs] [-observationPointId] [-distributedTracing] [-distTracingSamplingRate] [-tcpAttackCounterInterval] [-logstreamOverNSIP] [-AAAInsight]

show appflow param

Displays AppFlow parameters.

Synopsis

show appflow param

Arguments

Output

templateRefresh

Refresh interval, in seconds, at which to export the template data. Because data transmission is in UDP, the templates must be resent at regular intervals.

appnameRefresh

Interval, in seconds, at which to send Appnames to the configured collectors. Appname refers to the name of an entity (virtual server, service, or service group) in the Citrix ADC.

flowRecordInterval

Interval, in seconds, at which to send flow records to the configured collectors.

SecurityInsightRecordInterval

Interval, in seconds, at which to send security insight flow records to the configured collectors.

udpPmtu

MTU, in bytes, for IPFIX UDP packets.

httpUrl

State of AppFlow HTTP URL logging.

AAAUserName

State of AppFlow AAA User logging.

httpCookie

State of AppFlow HTTP cookie logging.

httpReferer

State of AppFlow HTTP referer logging.

httpMethod

State of AppFlow HTTP method logging.

httpHost

State of AppFlow HTTP host logging.

httpUserAgent

State of AppFlow HTTP user-agent logging.

clientTrafficOnly

Generate AppFlow records for only the traffic from the client.

httpContentType

State of AppFlow HTTP Content-Type header logging

httpAuthorization

State of AppFlow HTTP Authorization header logging

httpVia

State of AppFlow HTTP Via header logging

httpXForwardedFor

State of AppFlow HTTP X-Forwarded-For header logging

httpLocation

State of AppFlow HTTP Location header logging

httpSetCookie

State of AppFlow HTTP Setcookie header logging

httpSetCookie2

State of AppFlow HTTP Setcookie2 header logging

connectionChaining

State of connection-chaining feature

httpDomain

State of AppFlow HTTP Domain name logging

skipCacheRedirectionHttpTransaction

Skip Cache http transaction. This HTTP transaction is specific to Cache Redirection module. In Case of Cache Miss there will be another HTTP transaction initiated by the cache server.

identifierName

State of AppFlow Stream Identifier Name logging

identifierSessionName

State of AppFlow Stream Identifier Session Name logging

observationDomainId

An observation domain groups a set of Citrix ADCs based on deployment: cluster, HA etc. A unique Observation Domain ID is required to be assigned to each such group.

observationPointId

An observation point ID is identifier for the NetScaler from which appflow records are being exported. By default, the NetScaler IP is the observation point ID.

observationDomainName

Name of the Observation Domain defined by the observation domain ID.

builtin

Flag to determine if the appflow param is built-in or not

feature

The feature to be checked while applying this config

SecurityInsightTraffic

State of Security Insight traffic exporting

subscriberAwareness

Enable this option for logging end user MSISDN in L4/L7 appflow records

subscriberIdObfuscation

Enable this option for obfuscating MSISDN in L4/L7 appflow records

subscriberIdObfuscationAlgo

Algorithm(MD5 or SHA256) to be used for obfuscating MSISDN

gxSessionReporting

Enable this option for Gx session reporting

cacheInsight

Flag to determine whether cache records need to be exported or not. If this flag is true and IC is enabled, cache records are exported instead of L7 HTTP records

videoInsight

Enable/disable the feature individually on appflow action.

httpQueryWithUrl

Include the HTTP query segment along with the URL that the Citrix ADC received from the client.

tcpBurstReporting

TCP burst reporting enable/disable knob.

tcpBurstReportingThreshold

TCP burst reporting threshold.

urlCategory

Include the URL category record.

lsnLogging

On enabling this option, the Citrix ADC will send the Large Scale Nat(LSN) records to the configured collectors.

cqaReporting

TCP CQA reporting enable/disable knob.

emailAddress

Enable AppFlow user email-id logging.

usageRecordInterval

On enabling this option, the NGS will send bandwidth usage record to configured collectors.

metrics

Enable Citrix ADC Stats to be sent to the Telemetry Agent

events

Enable Events to be sent to the Telemetry Agent

auditlogs

Enable Auditlogs to be sent to the Telemetry Agent

distributedTracing

Enable generation of the distributed tracing templates in the Appflow records

distTracingSamplingRate

Sampling rate for Distributed Tracing

tcpAttackCounterInterval

Interval, in seconds, at which to send tcp attack counters to the configured collectors. If 0 is configured, the record is not sent.

logstreamOverNSIP

To use the Citrix ADC IP to send Logstream records instead of the SNIP

AAAInsight

Enable/Disable AAA insights.

Was this article helpful?