ADC

Customizing logging on the NSLOG server

May 2, 2023

Contributed by:

S S

You can customize logging on the NSLOG server by making additional modifications to the NSLOG server configuration file (log.conf). Use a text editor to modify the log.conf configuration file on the server system.

To customize logging, use the configuration file to define filters and log properties.

Log filters. Filter log information from a NetScaler appliance or a set of NetScaler appliances.
Log properties. Each filter has an associated set of log properties. Log properties define how to store the filtered log information.

This document includes the following details:

Creating Filters
Specifying Log Properties

Creating filters

You can use the default filter definition located in the configuration file (audit log.conf ), or you can modify the filter or create a new filter. You can create more than one log filter.

Note: For consolidated logging, if a log transaction occurs for which there is no filter definition, the default filter is used (if it is enabled.) The only way you can configure consolidated logging of all the NetScaler appliances is by defining the default filter.

To create a filter

At the command prompt, type the following command in the configuration file ( auditlog.conf):

filter <filterName> [IP <ip>] [NETMASK <mask>] ON | OFF]
<!--NeedCopy-->

filterName: Specify the name of the filter (maximum of 64 alphanumeric characters).

ip: Specify the IP addresses.

mask: Specify the subnet mask to be used on a subnet.

Specify ON to enable the filter to log transactions, or specify OFF to disable the filter. If no argument is specified, the filter is ON.

Examples:

filter F1 IP 192.168.100.151 ON
<!--NeedCopy-->

To apply the filter F2 to IP addresses 192.250.100.1 to 192.250.100.254:

filter F2 IP 192.250.100.0 NETMASK 255.255.255.0 ON
<!--NeedCopy-->

filterName is a required parameter if you are defining a filter with other optional parameters, such as IP address, or the combination of IP address and Netmask.

Specifying log properties

Log properties associated with the filter are applied to all the log entries present in the filter. The log property definition starts with the key word BEGIN and ends with END as illustrated in the following example:

BEGIN <filtername>
    logFilenameFormat ...
    logDirectory ...
    logInterval ...
    logFileSizeLimit ....
END
<!--NeedCopy-->

Entries in the definition can include the following:

LogFilenameFormat specifies the file name format of the log file. The name of the file can be of the following types:
- Static: A constant string that specifies the absolute path and the file name.
- Dynamic: An expression that includes the following format specifiers:
  - Date (%{format}t)
  - creates file name with NSIP
Example:
```
 LogFileNameFormat Ex%`{`%m%d%y}t.log
 
```
This creates the first file name as Exmmddyy.log. New files are named: Exmmddyy.log.0, Exmmddyy.log.1, and so on. In the following example, the new files are created when the file size reaches 100MB.

Example:
```
 LogInterval size
 LogFileSize 100
 LogFileNameFormat Ex%`{`%m%d%y}t
 
```

Caution

The date format %t specified in the LogFilenameFormat parameter overrides the log interval property for that filter. To prevent a new file being created every day instead of when the specified log file size is reached, do not use %t in the LogFilenameFormat parameter.

logDirectory specifies the directory name format of the log file. The name of the file can be either of the following:
- Static: Is a constant string that specifies the absolute path and file name.
- Dynamic: Is an expression containing the following format specifiers:
  - Date (%{format}t)
  - creates directory with NSIP
The directory separator depends on the operating system. In Windows, use the directory separator.

Example:
```
 LogDirectory dir1\dir2\dir3
 
```
In the other operating systems (Linux, FreeBsd, and so forth.), use the directory separator.
LogInterval specifies the interval at which new log files are created. Use one of the following values:
- Hourly: A file is created every hour. Default value.
- Daily: A file is created very day at midnight.
- Weekly: A file is created every Sunday at midnight.
- Monthly : A file is created on the first day of the month at midnight.
- None: A file is created only once, when audit server logging starts.
- Size: A file is created only when the log file size limit is reached.
Example:
```
 LogInterval Hourly
 
```
- LogFileSizeLimit specifies the maximum size (in MB) of the log file. A new file is created when the limit is reached.
Note

You can override the loginterval property by assigning size as its value.

The default LogFileSizeLimit is 10 MB.

Example:
```
 LogFileSizeLimit 35
 
```

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

Customizing logging on the NSLOG server

May 2, 2023

Contributed by:

S S

May 2, 2023

Contributed by:

S S

Customizing logging on the NSLOG server

Creating filters

To create a filter

Specifying log properties

In this article