Product Documentation

Enabling Data Collection for NetScaler Gateway Appliances Deployed in Single-Hop Mode

May 04, 2017

In single-hop mode, users access the NetScaler appliances through a virtual private network (VPN).

To start collecting the reports, you must add the NetScaler Gateway appliance to the NetScaler Insight Center inventory and enable AppFlow on NetScaler Insight Center.

To enable data collection

  1. On the Configuration tab, click Inventory.
  2. From the inventory list, select the IP address of the appliance on which you want to enable data collection.
  3. On the NetScaler Insight Center Inventory Setup screen, in the Application List pane, from the View drop-down list, select VPN. A list of the SSL VPN virtual servers configured on the appliance populates a table with the following information about each virtual server:
    • IP Address—IP address of the virtual server
    • Name—Name of the virtual server
    • State—Current operational state of the virtual server. Can be UP or DOWN.
    • Type—Service type of the virtual server.
    • Insight—Data-collection status of the virtual server (ENABLED or DISABLED).
  4. Select the VPN virtual server for which you want to enable data collection.
    Note: You can enable data collection on a virtual server only if the operational state of the virtual server is UP.
  5. From the Action drop-down list, select Enable Appflow.
  6. In the Enable AppFlow dialog box, from the Select Expression drop-down list, specify the traffic to be filtered.
    Note: Currently, the only expression supported is true.

    For more information on expressions, see Policies and Expressions.

  7. From the Export Option drop-down list, select ICA.
  8. Click OK to save the configuration. If data collection is enabled, the Insight column in the Application List table displays as enabled.
    Note: If AppFlow logging is not enabled for the respective services or service groups on the NetScaler appliance, the NetScaler Insight Center dashboard does not display the records, even if the Insight column shows Enabled.
  9. To return to the inventory list, from the Action drop-down, select Return to Inventory list.
Note: The following commands are executed in the background when you enable AppFlow in single-hop mode. These commands are explicitly specified here for troubleshooting purposes.
  • add appflow collector <name> -IPAddress <ip_addr>
  • add appflow action <name> -collectors <string>
  • set appflow param -flowRecordInterval <secs>
  • disable ns feature AppFlow
  • enable ns feature AppFlow
  • add appflow policy <name> <rule> <expression>
  • set appflow policy <name> -rule <expression>
  • bind vpn vserver <vsname> -policy <string> -type <type> -priority <positive_integer>
  • set vpn vserver <name> -appflowLog ENABLED
  • save ns config