appflowparam¶
Configuration for AppFlow parameter resource.
Properties¶
(click to see Operations)
| Name | Data Type | Permissions | Description |
|---|---|---|---|
| templaterefresh | <Double> | Read-write | Refresh interval, in seconds, at which to export the template data. Because data transmission is in UDP, the templates must be resent at regular intervals.<br>Default value: 600<br>Minimum value = 60<br>Maximum value = 3600 |
| appnamerefresh | <Double> | Read-write | Interval, in seconds, at which to send Appnames to the configured collectors. Appname refers to the name of an entity (virtual server, service, or service group) in the NetScaler appliance.<br>Default value: 600<br>Minimum value = 60<br>Maximum value = 3600 |
| flowrecordinterval | <Double> | Read-write | Interval, in seconds, at which to send flow records to the configured collectors.<br>Default value: 60<br>Minimum value = 60<br>Maximum value = 3600 |
| securityinsightrecordinterval | <Double> | Read-write | Interval, in seconds, at which to send security insight flow records to the configured collectors.<br>Default value: 600<br>Minimum value = 60<br>Maximum value = 3600 |
| udppmtu | <Double> | Read-write | MTU, in bytes, for IPFIX UDP packets.<br>Default value: 1472<br>Minimum value = 128<br>Maximum value = 1472 |
| httpurl | <String> | Read-write | Include the http URL that the NetScaler appliance received from the client.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| aaausername | <String> | Read-write | Enable AppFlow AAA Username logging.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| httpcookie | <String> | Read-write | Include the cookie that was in the HTTP request the appliance received from the client.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| httpreferer | <String> | Read-write | Include the web page that was last visited by the client.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| httpmethod | <String> | Read-write | Include the method that was specified in the HTTP request that the appliance received from the client.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| httphost | <String> | Read-write | Include the host identified in the HTTP request that the appliance received from the client.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| httpuseragent | <String> | Read-write | Include the client application through which the HTTP request was received by the NetScaler appliance.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| clienttrafficonly | <String> | Read-write | Generate AppFlow records for only the traffic from the client.<br>Default value: NO<br>Possible values = YES, NO |
| httpcontenttype | <String> | Read-write | Include the HTTP Content-Type header sent from the server to the client to determine the type of the content sent.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| httpauthorization | <String> | Read-write | Include the HTTP Authorization header information.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| httpvia | <String> | Read-write | Include the httpVia header which contains the IP address of proxy server through which the client accessed the server.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| httpxforwardedfor | <String> | Read-write | Include the httpXForwardedFor header, which contains the original IP Address of the client using a proxy server to access the server.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| httplocation | <String> | Read-write | Include the HTTP location headers returned from the HTTP responses.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| httpsetcookie | <String> | Read-write | Include the Set-cookie header sent from the server to the client in response to a HTTP request.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| httpsetcookie2 | <String> | Read-write | Include the Set-cookie header sent from the server to the client in response to a HTTP request.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| connectionchaining | <String> | Read-write | Enable connection chaining so that the client server flows of a connection are linked. Also the connection chain ID is propagated across NetScalers, so that in a multi-hop environment the flows belonging to the same logical connection are linked. This id is also logged as part of appflow record.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| httpdomain | <String> | Read-write | Include the http domain request to be exported.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| skipcacheredirectionhttptransaction | <String> | Read-write | Skip Cache http transaction. This HTTP transaction is specific to Cache Redirection module. In Case of Cache Miss there will be another HTTP transaction initiated by the cache server.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| identifiername | <String> | Read-write | Include the stream identifier name to be exported.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| identifiersessionname | <String> | Read-write | Include the stream identifier session name to be exported.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| observationdomainid | <Double> | Read-write | An observation domain groups a set of NetScalers based on deployment: cluster, HA etc. A unique Observation Domain ID is required to be assigned to each such group.<br>Default value: 0<br>Minimum value = 1000 |
| observationdomainname | <String> | Read-write | Name of the Observation Domain defined by the observation domain ID.<br>Maximum length = 127 |
| subscriberawareness | <String> | Read-write | Enable this option for logging end user MSISDN in L4/L7 appflow records.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| subscriberidobfuscation | <String> | Read-write | Enable this option for obfuscating MSISDN in L4/L7 appflow records.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| securityinsighttraffic | <String> | Read-write | Flag to determine whether security insight traffic needs to be exported or not.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| cacheinsight | <String> | Read-write | Flag to determine whether cache records need to be exported or not. If this flag is true and IC is enabled, cache records are exported instead of L7 HTTP records.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| videoinsight | <String> | Read-write | Flag to determine whether video records need to be exported or not. If this flag is true and video optimization feature is enabled, video records are exported.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| httpquerywithurl | <String> | Read-write | Include the HTTP query segment along with the URL that the NetScaler received from the client.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| urlcategory | <String> | Read-write | Include the URL category record.<br>Default value: DISABLED<br>Possible values = ENABLED, DISABLED |
| builtin | <String[]> | Read-only | Flag to determine if the appflow param is built-in or not.<br>Possible values = MODIFIABLE, DELETABLE, IMMUTABLE, PARTITION_ALL |
| tcpburstreporting | <String> | Read-only | TCP burst reporting enable/disable knob.<br>Default value: ENABLED<br>Possible values = ENABLED, DISABLED |
| tcpburstreportingthreshold | <Double> | Read-only | TCP burst reporting threshold.<br>Default value: 1500<br>Minimum value = 10<br>Maximum value = 5000 |
Operations¶
(click to see Properties)
Some options that you can use for each operations:
Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the "warning" query parameter as "yes". For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:
http://<netscaler-ip-address>/nitro/v1/config/login?warning=yes
If any, the warnings are displayed in the response payload with the HTTP code "209 X-NITRO-WARNING".
Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,
To do this, you must specify the username and password in the request header of the NITRO request as follows:
X-NITRO-USER:<username>
X-NITRO-PASS:<password>
Note: In such cases, make sure that the request header DOES not include the following:
Cookie:NITRO_AUTH_TOKEN=<tokenvalue>
Note:
Mandatory parameters are marked in red and placeholder content is marked in <green>.
update¶
URL: http://<netscaler-ip-address>/nitro/v1/config/appflowparam
HTTP Method: PUT
Request Headers:
Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json
Request Payload:
{"appflowparam":{
"templaterefresh":<Double_value>,
"appnamerefresh":<Double_value>,
"flowrecordinterval":<Double_value>,
"securityinsightrecordinterval":<Double_value>,
"udppmtu":<Double_value>,
"httpurl":<String_value>,
"aaausername":<String_value>,
"httpcookie":<String_value>,
"httpreferer":<String_value>,
"httpmethod":<String_value>,
"httphost":<String_value>,
"httpuseragent":<String_value>,
"clienttrafficonly":<String_value>,
"httpcontenttype":<String_value>,
"httpauthorization":<String_value>,
"httpvia":<String_value>,
"httpxforwardedfor":<String_value>,
"httplocation":<String_value>,
"httpsetcookie":<String_value>,
"httpsetcookie2":<String_value>,
"connectionchaining":<String_value>,
"httpdomain":<String_value>,
"skipcacheredirectionhttptransaction":<String_value>,
"identifiername":<String_value>,
"identifiersessionname":<String_value>,
"observationdomainid":<Double_value>,
"observationdomainname":<String_value>,
"subscriberawareness":<String_value>,
"subscriberidobfuscation":<String_value>,
"securityinsighttraffic":<String_value>,
"cacheinsight":<String_value>,
"videoinsight":<String_value>,
"httpquerywithurl":<String_value>,
"urlcategory":<String_value>
}}
Response:
HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error
unset¶
URL: http://<netscaler-ip-address>/nitro/v1/config/appflowparam?action=unset
HTTP Method: POST
Request Headers:
Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Content-Type:application/json
Request Payload:
{"appflowparam":{
"templaterefresh":true,
"appnamerefresh":true,
"flowrecordinterval":true,
"securityinsightrecordinterval":true,
"udppmtu":true,
"httpurl":true,
"aaausername":true,
"httpcookie":true,
"httpreferer":true,
"httpmethod":true,
"httphost":true,
"httpuseragent":true,
"clienttrafficonly":true,
"httpcontenttype":true,
"httpauthorization":true,
"httpvia":true,
"httpxforwardedfor":true,
"httplocation":true,
"httpsetcookie":true,
"httpsetcookie2":true,
"connectionchaining":true,
"httpdomain":true,
"skipcacheredirectionhttptransaction":true,
"identifiername":true,
"identifiersessionname":true,
"observationdomainid":true,
"observationdomainname":true,
"subscriberawareness":true,
"subscriberidobfuscation":true,
"securityinsighttraffic":true,
"cacheinsight":true,
"videoinsight":true,
"httpquerywithurl":true,
"urlcategory":true
}}
Response:
HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error
get (all)¶
URL: http://<netscaler-ip-address>/nitro/v1/config/appflowparam
HTTP Method: GET
Request Headers:
Cookie:NITRO_AUTH_TOKEN=<tokenvalue> Accept:application/json
Response:
HTTP Status Code on Success: 200 OK HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the errorResponse Headers:
Content-Type:application/json
Response Payload:
{ "appflowparam": [ {
"templaterefresh":<Double_value>,
"appnamerefresh":<Double_value>,
"flowrecordinterval":<Double_value>,
"securityinsightrecordinterval":<Double_value>,
"udppmtu":<Double_value>,
"httpurl":<String_value>,
"aaausername":<String_value>,
"httpcookie":<String_value>,
"httpreferer":<String_value>,
"httpmethod":<String_value>,
"httphost":<String_value>,
"httpuseragent":<String_value>,
"clienttrafficonly":<String_value>,
"httpcontenttype":<String_value>,
"httpauthorization":<String_value>,
"httpvia":<String_value>,
"httpxforwardedfor":<String_value>,
"httplocation":<String_value>,
"httpsetcookie":<String_value>,
"httpsetcookie2":<String_value>,
"connectionchaining":<String_value>,
"httpdomain":<String_value>,
"skipcacheredirectionhttptransaction":<String_value>,
"identifiername":<String_value>,
"identifiersessionname":<String_value>,
"observationdomainid":<Double_value>,
"observationdomainname":<String_value>,
"builtin":<String[]_value>,
"securityinsighttraffic":<String_value>,
"subscriberawareness":<String_value>,
"subscriberidobfuscation":<String_value>,
"cacheinsight":<String_value>,
"videoinsight":<String_value>,
"httpquerywithurl":<String_value>,
"tcpburstreporting":<String_value>,
"tcpburstreportingthreshold":<Double_value>,
"urlcategory":<String_value>
}]}