Product documentation
uberAgent
Current Release (7.2.1) 7.2.0 7.1.2 7.1.1 7.1.0 7.0.2 7.0.1 7.0.0

Citrix NetScaler (ADC) Monitoring

August 14, 2024
Contributed by: 
C

What is Citrix NetScaler (ADC) Monitoring

With Citrix NetScaler (ADC) monitoring, uberAgent collects appliance & gateway performance, utilization, and inventory data from Citrix NetScaler Application Delivery Controllers (metrics docs).

The uberAgent endpoint agent needs to be installed on a machine from where it can reach the physical or virtual Citrix NetScaler (ADC) appliance(s). On Citrix Delivery Controllers (DDCs), the collection of NetScaler (ADC) metrics is enabled by default. Of course, NetScaler (ADC) metrics can also be retrieved from any other machine instead.

Enabling or Disabling Citrix NetScaler (ADC) Monitoring

Citrix NetScaler (ADC) monitoring is activated by default only on Citrix Delivery Controllers, as explained above. You can modify this behavior through the configuration setting [CitrixADC_Config] in uberAgent’s configuration.

To completely disable collecting Citrix ADC metrics, disable the following metrics in the configuration:

  • CitrixADCPerformance
  • CitrixADCvServer
  • CitrixADCGateways
  • CitrixADCInventory

Installation and Configuration

If you have uberAgent already installed on one or more DDCs for Citrix site monitoring, it makes sense to also collect Citrix NetScaler (ADC) metrics there. Make sure that the DDCs can communicate with the Citrix NetScaler (ADC) management interface (NSIP) either through port 80 or, if you enabled Secure Access Only for the NSIP, through port 443.

While DDCs may be the ideal place to capture Citrix NetScaler (ADC) data for most customers, that may not be the case for everybody. As explained above, you can overwrite the setting CollectADCInformation in the stanza [CitrixADC_Config] to collect Citrix NetScaler (ADC) metrics from any installed uberAgent endpoint. Make sure that this setting is only distributed to the machines that are intended for this purpose. If you distribute it to all machines where uberAgent is installed, every endpoint communicates with the Citrix NetScaler (ADC) appliance(s), which could overload the appliance(s) and generate unnecessary data.

CollectADCInformation=MachineList in combination with a set of machines configured in CollectADCInformationMachines, defines on which machines the collection of ADC metrics will be performed.

Citrix NetScaler (ADC) Configuration

Besides network access, uberAgent also needs credentials to be able to login into the Citrix ADC appliances. It only needs to read information; hence using a user with the command policy read-only bound is the recommended option. Users with more privileges are also supported, but not recommended from a security perspective.

Create a user with the command policy read-only bound from CLI:

add system user nsread Password -externalAuth DISABLED -timeout 900 -maxsession 20
bind system user nsread read-only 100
<!--NeedCopy-->

uberAgent Configuration

This section explains the configuration via uberAgent’s configuration file. The configuration via GPO works accordingly.

Use the stanza [CitrixADC_Config] to specify how uberAgent should connect to your appliance(s). If multiple [CitrixADC_Config] stanzas are specified, the configured metrics are determined for each of them. Use one [CitrixADC_Config] stanza per Citrix NetScaler (ADC) pair.

Following are some examples of valid Citrix ADC configurations. More information on the parameters is available in the configuration file itself. Note that passwords can be encrypted.

Example 1: One Citrix NetScaler (ADC) appliance manageable through HTTP (port 80). Data collection happens on DDCs only

[CitrixADC_Config]
Server = 10.1.1.21
Username = nsread
Password = Password
Https = false
CollectADCInformation = DDCOnly
<!--NeedCopy-->

Example 2: A Citrix ADC high-availability pair manageable through HTTPS (port 443). Data collection happens not on a DDC.

  • If HTTPS is used, the entries in the setting Server must match those in the certificate bound to the NSIP.
  • uberAgent collects performance information for the primary appliance only. So for best collection performance, list the primary appliance first.
[CitrixADC_Config]
Server = CitrixADC1.domain.local,CitrixADC2.domain.local
Username = nsread
Password = Password
Https = True
CollectADCInformation = True
<!--NeedCopy-->

Example 3: A Citrix ADC high-availability pair manageable through HTTPS (port 443). Data collection happens on a set of machines.

[CitrixADC_Config]
Server = CitrixADC1.domain.local,CitrixADC2.domain.local
Username = nsread
Password = Password
Https = True
CollectADCInformation = MachineList
CollectADCInformationMachines = DDC01, DDC02
<!--NeedCopy-->

Deployment Considerations

uberAgent’s NetScaler integration sequentially queries the configured NetScalers with PowerShell through the NITRO API. This implementation method has pros and cons.

This section describes if the uberAgent implementation is for you, or if you should go with NetScaler’s builtin Observability integrations.

When to Use uberAgent’s Netscaler Integration

uberAgent’s NetScaler integration is easy to use, comes with beautiful Splunk dashboards out-of-the-box, and is tailored to the Citrix CVAD/DaaS administrator who focuses on the quality of user sessions.

The NITRO API offers plenty of information about NetScaler, but comes with limitations. For example, it does not offer insights into failed AAA logins. In addition, not all existing NITRO API fields are queried by uberAgent, but only the ones that you see in the Splunk dashboards. Additional fields can be requested via feature requests.

uberAgent queries NetScaler sequentially. Querying lots of NetScaler boxes from one uberAgent endpoint can lead to performance issues and requires distributing the load to multiple endpoints.

Use uberAgent’s NetScaler integration, when you have only a few NetScaler to monitor and want to benefit from pre-built Splunk dashboards and easy configuration.

When to Use NetScaler’s Built-in Observability Integrations

NetScaler can send metrics and logs to various backends natively. This includes Splunk with example dashboards.

NetScaler Console, the monitoring and configuration tool for NetScaler from Citrix, can send data to Observability platforms like Splunk, too.

Sending data off the NetScaler instead of querying it externally through an API is more efficient. Also, NetScaler can send, more or less, data for every NetScaler setting that you see in the UI or via the Shell. It can also send log files which include information on failed AAA logins.

While NetScaler can send a lot to Observability platforms, you have to define which settings you would like to see. Also, you have to create your own visualizations or change the example dashboards.

Use NetScaler’s and NetScaler Console’s built-in Observability integrations when you require monitoring more than a handful NetScaler, when you need management logs or more data that is not available through uberAgent and the NITRO API.

System Requirements

Please see the system requirements page for details.

Citrix NetScaler (ADC) Monitoring
August 14, 2024
Contributed by: 
C
August 14, 2024
Contributed by: 
C

In this article

Site feedback | Your privacy choices footer linkYour Privacy Choices | Privacy and legal terms | Cookie preferences | Consent settings | docs.cloud.com
© 1999- Cloud Software Group, Inc. All rights reserved.