Product Documentation

Reliable SYSLOG

Jun 22, 2015

The NetScaler appliance supports sending SYSLOG messages to external log servers over TCP for a more reliable transport mechanism. Unlike the UDP protocol, TCP provides receipt acknowledgement, reliability, and flow control over.

To configure the NetScaler appliance to send SYSLOG messages over TCP using the command line interface

At the command prompt, type the following:

add audit syslogAction <name> <serverIP> [-serverPort <port>] [-logLevel <logLevel>] [-dateFormat ( MMDDYYYY | DDMMYYYY )] [-transport (TCP)]

Example

add audit syslogaction audit-action1 10.102.1.1 -loglevel INFORMATIONAL -dateformat MMDDYYYY -transport TCP

To configure the NetScaler appliance to send SYSLOG messages over TCP using the configuration utility
  1. Navigate to System > Auditing > Syslog, and select the Servers tab.
  2. Click Add and select TCP Logging.

Limitations

  1. The log messages are sourced through the NetScaler appliance's NSIP address, and currently there is no SNIP support for SYSLOG.
  2. The reliable SYSLOG option does not provide authentication, integrity check, or privacy.
  3. The NetScaler appliance relies on the TCP protocol to provide confirmation for SYSLOG message delivery to external log servers.