Dec. 18, 2015
You can monitor the syslog events generated on your NetScaler device if you have configured your device to redirect all syslog messages to the Command Center server. To monitor syslog events, you need to first configure Command Center as the syslog server for your NetScaler.
In this section:
For information about NetScaler Syslog messages, see NetScaler Log Message Reference.
To enable Command Center to display syslog messages generated on NetScaler devices, you need to add your Command Center server as the syslog server on the NetScaler device.
add audit syslogAction <name> <serverIP> [-serverPort <port>] -logLevel <logLevel> ... [-dateFormat ( MMDDYYYY | DDMMYYYY )] [-logFacility <logFacility>] [- tcp ( NONE | ALL )] [-acl ( ENABLED | DISABLED )] [- timeZone ( GMT_TIME | LOCAL_TIME )]Example
add audit syslogAction CC_action 10.102.29.70 -serverPort 514 -logLevel ALL -dateFormat MMDDYYYY -logFacility LOCAL0 - tcp ALL -acl DISABLED -timeZone LOCAL_TIME
add audit syslogPolicy <name> <rule> <action>Example
add audit syslogpolicy CC_pol ns_true CC_action
bind system global <policyName>Example
bind system global CC_pol
After you have configured your NetScaler device to forward syslog messages to the Command Center server, you can view the syslog messages from the Command Center client.
You can configure views to monitor specific syslog events and based on the criteria you specify.
Views make it easier to monitor a large number of syslog events generated across your NetScaler infrastructure. For example, you can create a view to monitor all critical syslog events raised on log facility local0.
In this section:
You can add different views for various types of syslog events that are generated on the NetScaler devices monitored on the Citrix network. These views are based on various filter criteria, such as severity, devices, and log facility.
After creating views, you can modify the filter criteria of the views.
You can delete a view if you do not want to use it again.
A large number of syslog records can occupy an excessive amount of the Command Center server space. If you do not want the Command Center server to store obsolete syslog records generated by the devices, you can create a Filter that discards those records.
After you create the filter, the Command Center server discards the syslogs that meet the criteria you specified.
To create a Filter
On the Fault tab, in the left pane, expand Syslogs, click Filters and then click Add.