Product Documentation

Configuring Auditing on Citrix Gateway

Citrix Gateway allows you to log the states and status information that the appliance collects. You can use the audit logs to view the event history in chronological order. The messages within the logs contain information about the event that generated the message, a time stamp, the message type, and predefined log levels and message information. You can configure settings that determine the information that is logged and the location where the messages are stored.

Citrix Gateway currently supports two log formats: a proprietary log format for local logs, and the syslog format for use with syslog servers. You can configure the audit logs to provide the following information:

Level Description
EMERGENCY Logs major errors only. Entries in the log indicate that Citrix Gateway is experiencing a critical problem that is causing it to be unusable.
ALERT Logs problems that might cause Citrix Gateway to function incorrectly, but are not critical to its operation. Corrective action should be taken as soon as possible to prevent Citrix Gateway from experiencing a critical problem.
CRITICAL Logs critical conditions that do not restrict the operation of Citrix Gateway, but might escalate to a larger problem.
ERROR Logs entries that result from a failed operation on Citrix Gateway.
WARNING Logs potential issues that could result in an error or a critical error.
NOTICE Logs more in-depth issues than the information level log, but serves the same purpose as notification.
INFORMATION Log actions taken by Citrix Gateway. This level is useful for troubleshooting problems.

The Citrix Gateway audit log also stores compression statistics for Citrix Gateway if you configure TCP compression. The compression ratio achieved for different data is stored in the log file for each user session.

Citrix Gateway uses the log signature SessionID. This allows you to track logs per session rather than per user. Logs that are generated as part of a session have the same SessionID. If a user establishes two sessions from the same user device with the same IP address, each session has a unique SessionID.

Important: If you have written custom log parsing scripts, you need to make this signature change within the custom parsing scripts.

Configuring Auditing on Citrix Gateway

In this article