Product Documentation

appflowparam

Sep 01, 2016

Configuration for AppFlow parameter resource.

Properties (click to see Operations)

Name Data Type Permissions Description
templaterefresh
<Double>
Read-write
Refresh interval, in seconds, at which to export the template data. Because data transmission is in UDP, the templates must be resent at regular intervals.
Default value: 600
Minimum value = 60
Maximum value = 3600
appnamerefresh
<Double>
Read-write
Interval, in seconds, at which to send Appnames to the configured collectors. Appname refers to the name of an entity (virtual server, service, or service group) in the NetScaler appliance.
Default value: 600
Minimum value = 60
Maximum value = 3600
flowrecordinterval
<Double>
Read-write
Interval, in seconds, at which to send flow records to the configured collectors.
Default value: 60
Minimum value = 60
Maximum value = 3600
securityinsightrecordinterval
<Double>
Read-write
Interval, in seconds, at which to send security insight flow records to the configured collectors.
Default value: 600
Minimum value = 60
Maximum value = 3600
udppmtu
<Double>
Read-write
MTU, in bytes, for IPFIX UDP packets.
Default value: 1472
Minimum value = 128
Maximum value = 1472
httpurl
<String>
Read-write
Include the http URL that the NetScaler appliance received from the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
aaausername
<String>
Read-write
Enable AppFlow AAA Username logging.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpcookie
<String>
Read-write
Include the cookie that was in the HTTP request the appliance received from the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpreferer
<String>
Read-write
Include the web page that was last visited by the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpmethod
<String>
Read-write
Include the method that was specified in the HTTP request that the appliance received from the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httphost
<String>
Read-write
Include the host identified in the HTTP request that the appliance received from the client.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpuseragent
<String>
Read-write
Include the client application through which the HTTP request was received by the NetScaler appliance.
Default value: DISABLED
Possible values = ENABLED, DISABLED
clienttrafficonly
<String>
Read-write
Generate AppFlow records for only the traffic from the client.
Default value: NO
Possible values = YES, NO
httpcontenttype
<String>
Read-write
Include the HTTP Content-Type header sent from the server to the client to determine the type of the content sent.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpauthorization
<String>
Read-write
Include the HTTP Authorization header information.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpvia
<String>
Read-write
Include the httpVia header which contains the IP address of proxy server through which the client accessed the server.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpxforwardedfor
<String>
Read-write
Include the httpXForwardedFor header, which contains the original IP Address of the client using a proxy server to access the server.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httplocation
<String>
Read-write
Include the HTTP location headers returned from the HTTP responses.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpsetcookie
<String>
Read-write
Include the Set-cookie header sent from the server to the client in response to a HTTP request.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpsetcookie2
<String>
Read-write
Include the Set-cookie header sent from the server to the client in response to a HTTP request.
Default value: DISABLED
Possible values = ENABLED, DISABLED
connectionchaining
<String>
Read-write
Enable connection chaining so that the client server flows of a connection are linked. Also the connection chain ID is propagated across NetScalers, so that in a multi-hop environment the flows belonging to the same logical connection are linked. This id is also logged as part of appflow record.
Default value: DISABLED
Possible values = ENABLED, DISABLED
httpdomain
<String>
Read-write
Include the http domain request to be exported.
Default value: DISABLED
Possible values = ENABLED, DISABLED
skipcacheredirectionhttptransaction
<String>
Read-write
Skip Cache http transaction. This HTTP transaction is specific to Cache Redirection module. In Case of Cache Miss there will be another HTTP transaction initiated by the cache server.
Default value: DISABLED
Possible values = ENABLED, DISABLED
identifiername
<String>
Read-write
Include the stream identifier name to be exported.
Default value: DISABLED
Possible values = ENABLED, DISABLED
identifiersessionname
<String>
Read-write
Include the stream identifier session name to be exported.
Default value: DISABLED
Possible values = ENABLED, DISABLED
observationdomainid
<Double>
Read-write
An observation domain groups a set of NetScalers based on deployment: cluster, HA etc. A unique Observation Domain ID is required to be assigned to each such group.
Default value: 0
Minimum value = 1000
observationdomainname
<String>
Read-write
Name of the Observation Domain defined by the observation domain ID.
Maximum length = 127
subscriberawareness
<String>
Read-write
Enable this option for logging end user MSISDN in L4/L7 appflow records.
Default value: DISABLED
Possible values = ENABLED, DISABLED
securityinsighttraffic
<String>
Read-write
Flag to determine whether security insight traffic needs to be exported or not.
Default value: DISABLED
Possible values = ENABLED, DISABLED
cacheinsight
<String>
Read-write
Flag to determine whether cache records need to be exported or not. If this flag is true and IC is enabled, cache records are exported instead of L7 HTTP records.
Default value: DISABLED
Possible values = ENABLED, DISABLED
builtin
<String[]>
Read-only
Flag to determine if the appflow param is built-in or not.
Possible values = MODIFIABLE, DELETABLE, IMMUTABLE, PARTITION_ALL

Operations (click to see Properties)

Some options that you can use for each operations:

  • Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the "warning" query parameter as "yes". For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:

    http://<netscaler-ip-address>/nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code "209 X-NITRO-WARNING".

  • Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER:<username>

    X-NITRO-PASS:<password>

    Note: In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN=<tokenvalue>

메모

Mandatory parameters are marked in red and placeholder content is marked in <green>.

update

URL: http://<netscaler-ip-address>/nitro/v1/config/appflowparam

HTTP Method: PUT

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue>
Content-Type:application/json

Request Payload:

{"appflowparam":{
      "templaterefresh":<Double_value>,
      "appnamerefresh":<Double_value>,
      "flowrecordinterval":<Double_value>,
      "securityinsightrecordinterval":<Double_value>,
      "udppmtu":<Double_value>,
      "httpurl":<String_value>,
      "aaausername":<String_value>,
      "httpcookie":<String_value>,
      "httpreferer":<String_value>,
      "httpmethod":<String_value>,
      "httphost":<String_value>,
      "httpuseragent":<String_value>,
      "clienttrafficonly":<String_value>,
      "httpcontenttype":<String_value>,
      "httpauthorization":<String_value>,
      "httpvia":<String_value>,
      "httpxforwardedfor":<String_value>,
      "httplocation":<String_value>,
      "httpsetcookie":<String_value>,
      "httpsetcookie2":<String_value>,
      "connectionchaining":<String_value>,
      "httpdomain":<String_value>,
      "skipcacheredirectionhttptransaction":<String_value>,
      "identifiername":<String_value>,
      "identifiersessionname":<String_value>,
      "observationdomainid":<Double_value>,
      "observationdomainname":<String_value>,
      "subscriberawareness":<String_value>,
      "securityinsighttraffic":<String_value>,
      "cacheinsight":<String_value>
}}

Response:

HTTP Status Code on Success: 200 OK
HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

unset

URL: http://<netscaler-ip-address>/nitro/v1/config/appflowparam?action=unset

HTTP Method: POST

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue>
Content-Type:application/json

Request Payload:

{"appflowparam":{
      "templaterefresh":true,
      "appnamerefresh":true,
      "flowrecordinterval":true,
      "securityinsightrecordinterval":true,
      "udppmtu":true,
      "httpurl":true,
      "aaausername":true,
      "httpcookie":true,
      "httpreferer":true,
      "httpmethod":true,
      "httphost":true,
      "httpuseragent":true,
      "clienttrafficonly":true,
      "httpcontenttype":true,
      "httpauthorization":true,
      "httpvia":true,
      "httpxforwardedfor":true,
      "httplocation":true,
      "httpsetcookie":true,
      "httpsetcookie2":true,
      "connectionchaining":true,
      "httpdomain":true,
      "skipcacheredirectionhttptransaction":true,
      "identifiername":true,
      "identifiersessionname":true,
      "observationdomainid":true,
      "observationdomainname":true,
      "subscriberawareness":true,
      "securityinsighttraffic":true,
      "cacheinsight":true
}}

Response:

HTTP Status Code on Success: 200 OK
HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

get (all)

URL: http://<netscaler-ip-address>/nitro/v1/config/appflowparam

HTTP Method: GET

Request Headers:

Cookie:NITRO_AUTH_TOKEN=<tokenvalue>
Accept:application/json

Response:

HTTP Status Code on Success: 200 OK
HTTP Status Code on Failure: 4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error

Response Headers:

Content-Type:application/json

Response Payload:

{ "appflowparam": [ {
      "templaterefresh":<Double_value>,
      "appnamerefresh":<Double_value>,
      "flowrecordinterval":<Double_value>,
      "securityinsightrecordinterval":<Double_value>,
      "udppmtu":<Double_value>,
      "httpurl":<String_value>,
      "aaausername":<String_value>,
      "httpcookie":<String_value>,
      "httpreferer":<String_value>,
      "httpmethod":<String_value>,
      "httphost":<String_value>,
      "httpuseragent":<String_value>,
      "clienttrafficonly":<String_value>,
      "httpcontenttype":<String_value>,
      "httpauthorization":<String_value>,
      "httpvia":<String_value>,
      "httpxforwardedfor":<String_value>,
      "httplocation":<String_value>,
      "httpsetcookie":<String_value>,
      "httpsetcookie2":<String_value>,
      "connectionchaining":<String_value>,
      "httpdomain":<String_value>,
      "skipcacheredirectionhttptransaction":<String_value>,
      "identifiername":<String_value>,
      "identifiersessionname":<String_value>,
      "observationdomainid":<Double_value>,
      "observationdomainname":<String_value>,
      "builtin":<String[]_value>,
      "securityinsighttraffic":<String_value>,
      "subscriberawareness":<String_value>,
      "cacheinsight":<String_value>
}]}