Data governance for NetScaler telemetry program
All existing NetScaler Console customers must be compliant with the NetScaler telemetry program by uploading the required telemetry data. The NetScaler telemetry program is enabled starting from 14.1-28.x build and the telemetry data is automatically uploaded. For more information, see the NetScaler telemetry program. Citrix collects basic license telemetry data and NetScaler deployment and feature usage telemetry data for its legitimate interests, including license compliance. NetScaler Console configuration and feature usage data is also collected to manage, measure and improve Citrix products and services.
Notes:
The telemetry upload happens every 24 hours automatically.
To collect and store the telemetry metrics in your NetScaler instances, the following configuration was pushed to your NetScaler instances through NetScaler Console as part of the NetScaler telemetry program released on 18th June 2024.
enable ns feature AppFlow add analytics profile telemetry_metrics_profile -type timeseries -outputMode prometheus -metrics ENABLED -serveMode Pull -schemaFile "./telemetry_collect_ns_metrics_schema.json" -metricsExportFrequency 300 <!--NeedCopy-->
- The
/nsconfig/.telemetry.conffile is updated with the following command for the Gateway telemetry. NetScaler Console checks for this command every hour and adds it, if this command is missing. This command is pushed only to the NetScaler instances that have VPN virtual server configuration:ns_telemetry_server,<Console IP>,5140 <!--NeedCopy-->
- Some telemetry parameters are collected through scripts that are pushed from NetScaler Console to NetScaler instances. These scripts are read-only and do not change anything in NetScaler.
The following table provides the required parameter details that are collected as part of NetScaler telemetry program:
| Categories | Description | What do we use it for? |
|---|---|---|
| License, and NetScaler deployment and usage telemetry | Information about license entitlement, usage, and high-level NetScaler deployment data, and NetScaler feature usage. | License compliance and to manage, measure, and improve the service. |
| NetScaler Console deployment and feature usage telemetry | Information about Console deployment and feature usage. | To manage, measure, and improve the service. |
Required telemetry data
The following tables display the list of required data collected as part of the NetScaler telemetry program:
Licensing
| Parameters | Description |
|---|---|
| flex_vpx_inst_entitled | The total entitled VPX instances |
| flex_vpx_inst_allocated | The total allocated VPX instances |
| flex_sdx_inst_entitled | The total entitled SDX instances |
| flex_sdx_inst_allocated | The total allocated SDX instances |
| flex_mpx_inst_entitled | The total entitled MPX instances |
| flex_mpx_inst_allocated | The total allocated MPX instances |
| flex_plt_bw_entitled | The entitled platinum bandwidth |
| flex_plt_bw_allocated | The allocated platinum bandwidth |
| flex_ent_bw_entitled | The entitled enterprise bandwidth |
| flex_ent_bw_allocated | The allocated enterprise bandwidth |
| flex_std_bw_entitled | The entitled standard bandwidth |
| flex_std_bw_allocated | The allocated standard bandwidth |
| flex_vpx_fips_inst_entitled | The total entitled FIPS instances |
| flex_vpx_fips_inst_allocated | The total allocated FIPS instances |
| license_name | The license type or the feature name |
| peak_license_usage | The peak usage of license applied on the NetScaler instances (allocation) |
| peak_bandwidth_usage | The peak usage from the NetScaler instances |
| avg_license_usage | The average usage of license applied on the NetScaler instances (allocation) |
| avg_bandwidth_usage | The average usage from the NetScaler instances |
| license_edition | Platinum/Enterprise/Standard bandwidth |
| Feature Name | The license feature name |
| Host ID | The device host ID |
| License serial number | The serial number of the license |
| License Start Date | The start date of the license |
| License End Date | The end date of the license |
| License SA Date | The license subscription advantage date |
| tenantnslictype | The license type such as CPL, CUL |
| instance_id | The unique identifier of the instance |
| instance_mode | Checks if the instance is a standalone or HA pair |
| instance_state | The instance status (Up/Down) |
| is_local_license | Checks if the license is hosted in NetScaler Console |
| is_pooled_license | Checks if the license is a pooled license |
| license_edition | The license type (Platinum/Standard/Enterprise) |
| license_end_date | Total number of days for the license to expire |
| platform | The device type |
| plt_license_allocation | The platinum license allocation |
| std_license_allocation | The Standard license allocation |
| ent_license_allocation | The Enterprise license allocation |
| nslicensingtype | The licensing type (Flexed or Fixed) |
| instance_ip_address | The management IP address of the NetScaler. Note: The IP address will be hashed*. |
| total_pooled_devices | The total NetScaler instances (both managed and unmanaged) with pooled licenses |
| is_pooled_license_server | Indicates whether the NetScaler Console service is used as a pooled license server. |
| perc_discovered_vservers | The % of discovered/entitled virtual servers |
| perc_used_vservers | The % of used/entitled virtual servers |
| pool_cpxvcpu_entitled | The total pool CPX vCPUs entitled |
| pool_cpxvcpu_used | The total pool CPX vCPUs used |
| pool_entbw_entitled | The total pool Enterprise bandwidth entitled [MBps] |
| pool_entbw_used | The total pool Enterprise bandwidth used [MBps] |
| pool_entvcpu_entitled | The total pool Enterprise vCPUs entitled |
| pool_entvcpu_used | The total used pool Enterprise vCPUs used |
| pool_fips_instances_entitled | The total pool FIPS instances entitled |
| pool_fips_instances_used | The total used pool FIPS instances |
| pool_instances_entitled | The total pool instances entitled |
| pool_instances_used | The total used pooled instances |
| pool_perc_bw_used | The % of used bandwidth |
| pool_perc_instances_used | The % of used instances |
| pool_perc_vcpu_used | The % of used vCPUs |
| pool_pltbw_entitled | The total pool Platinum bandwidth entitled [MBps] |
| pool_pltbw_used | The total pool Platinum bandwidth used [MBps] |
| pool_pltvcpu_entitled | The total pool Platinum vCPUs entitled |
| pool_pltvcpu_used | The total pool Platinum vCPUs used |
| pool_stdbw_entitled | The total pool Standard bandwidth entitled |
| pool_stdbw_used | The total pool Standard bandwidth used |
| pool_stdvcpu_used | The total pool Standard vCPUs Used |
| total_discovered_vservers | The total discovered virtual servers |
| total_entitled_vservers | The total entitled virtual servers |
| total_used_vservers | The total used virtual servers |
NetScaler Gateway feature usage
The following data telemetry is collected only if your managed NetScaler Gateway on-prem version is 14.1-25.x and later:
| Parameters | Description |
|---|---|
| accessMode | The type of access mode. For example, ICA, VPN |
| bytesTransferred | The total bytes sent and received per session |
| epaScans | The total number of EPA scans |
| features | The features enabled in NetScaler Gateway |
| id | The unique identifier of the usage event |
| prod | Identification of the originating product and deployment of the usage event |
| prodVer | The Gateway product version |
| The gateway user email. Note: The email ID will be hashed*. | |
| st | The current time of the data being pulled |
| type | The event type used by CAS to identify the Gateway on-prem usage events |
| userName | The Gateway user name. Note: The name will be hashed*. |
| ver | The version of the telemetry event |
NetScaler deployment
| Parameters | Description |
|---|---|
| total_active_managed_devices | The total NetScaler instances that are in UP state |
| total_nsap_device | The total admin partition instances in NetScaler Console |
| total_managed_devices | The total managed NetScaler instances in NetScaler Console |
| instance_mode | Checks if the instance is a standalone or HA pair |
| instance_state | The instance status (Up/Down) |
| dev_pl_aws | The device platform type |
| dev_pl_azure | The device platform type |
| dev_pl_citrix_hypervisor | The device platform type |
| dev_pl_esx | The device platform type |
| dev_pl_gcp | The device platform type |
| dev_pl_hyper_v | The device platform type |
| dev_pl_kvm | The device platform type |
| dev_pl_unknown | The device platform type |
| dev_pl_vpx_on_sdx | The device platform type |
| total_blx_device | The total managed BLX instances in NetScaler Console |
| total_cpx_device | The total managed CPX instances in NetScaler Console |
| total_ng_device | The total managed Gateway instances in NetScaler Console |
| total_ngvpx_device | The total managed Gateway VPX instances in NetScaler Console |
| total_ns_device | The total managed MPX instances in NetScaler Console |
| total_nssdx_device | The total managed SDX instances in NetScaler Console |
| total_nsvpx_device | The total managed VPX instances in NetScaler Console |
| total_nswg_device | The total managed Web Gateway instances in NetScaler Console |
| total_nswgvpx_device | The total managed Web Gateway VPX instances in NetScaler Console |
| device_id | The VPX instance unique ID |
| device_platform | The platform where the VPX instance is hosted |
| state | The current status (UP or Down) of the VPX instance |
| aaa_vservers | The total number of AAA virtual servers |
| cs_vservers | The total number of content switching virtual servers |
| gslb_vservers | The total number of GSLB virtual servers |
| lb_vservers_http | The total number of HTTP LB virtual servers |
| lb_vservers_ssl | The total number of SSL virtual servers |
NetScaler feature usage
| Parameters | Description |
|---|---|
| total_aaa_devices | The total NetScaler instances configured with AAA virtual servers |
| aaa_as_Request_tot_blocked | The total number of HTTP requests blocked by appfw profile for AAA |
| aaatm_as_Request_tot_blocked | The total number of HTTP requests blocked by appfw profile for AAATM |
| as_Requests_aaatm_lb | The total number of HTTP requests processed by appfw module on behalf of aaatm_lb module |
| as_Requests_vpn | The total number of HTTP requests processed by appfw module on behalf of vpn module |
| nsapisec_builtin_tot_hits | The total number from the built-in API Security Schema for Project Shield |
| nsapisec_builtin_tot_validated_success | The total number of requests successfully passed the built-in API Security Schema for Project Shield |
| svpn_as_Request_tot_blocked | The total number of HTTP requests blocked by appfw profile for VPN |
| appfw.appfirewallrequests | The total number of WAF requests through the appfw profile |
| appfw.appfirewallrequestsrate | The total rate of WAF requests through appfw profile |
| appfwprofile.appfw_block | The total number of blocked passed per profile |
| appfwprofile.appfw_bypass | The total number of requests passed per profile |
| appfwprofile.appfw_drop | The total number of dropped passed per profile |
| appfwprofile.appfw_reset | The total number of reset passed per profile |
| bot requests | The total number of bot requests through appfw profile |
| bot_signature_version | The version of bot signature used |
| botrequestsrate | The rate of bot requests through bot profile |
| waf_signature_version | The version of WAF signature used |
| waf.as_requests | The total number of requests done through all WAF profiles that also include default profiles |
| waf.as_req_bytes | The total number of requests done through all WAF profiles that exclude default profiles |
| total_api_sec_deployments | The total number of API security deployments through NetScaler Console service |
| ingress_controllers | The total number of ingress controllers |
| admin_partitions | The total number of partitions |
| gslb_site_tot_RequestBytes | The total requests in bytes passing through the gslb profile |
| gslb_site_tot_Requests | The total requests pass through gslb profile |
| gslb_sites | The total number of gslb sites |
| gslb.services | The total number of gslb services |
| analytics.profile | The total number of analytics profile |
| appfw.policies | The total number of AppFlow policies |
| appfw.profiles | The total number of AppFlow profiles |
| bot.policies | The total number of Bot policies |
| bot.profiles | The total number of Bot profiles |
| category | The device classification. For example, Gateway |
| cluster.nodes | The total number of cluster nodes |
| cr | The total number of Cache Redirection virtual servers |
| cs.all | The total number of Content Switching virtual servers |
| cs.gw | The total number of Content Switching virtual servers used as gateway |
| cs.used | The total number of addressable Content Switching virtual servers not bound to localhost and of WEB or TCP protocol |
| deployment_type | The NetScaler deployment type (HA pair or standalone) |
| ha.node | The IP address of the HA pair |
| lb.all | The total number of all load balance virtual servers |
| lb.gw | The total number of load balance virtual servers used as gateway |
| lb.used | The total number of addressable load balance virtual servers not bound to localhost and of WEB or TCP protocol |
| nsip | The NSIP of the NetScaler. Note: The IP address will be hashed*. |
| reason | The detailed reason for classification |
| servers | The total number of virtual servers |
| serviceGroups | The total number of ServiceGroups |
| services | The total number of services |
| services.dns | The total number of ADNS/ADNS_TCP type services |
| vpn | The total number of VPN virtual servers |
| vpn.ica | The total number of ICA VPN virtual servers |
| vservers.gw | The total number of LB + CS + CR virtual servers used a gateway |
| vservers.used | The total number of addressable LB + CS + CR virtual servers not bound to localhost and of WEB or TCP protocol |
| waf_protection | The waf protection type |
| total_cs_devices | The total NetScaler instances configured with content switching virtual servers |
| total_gslb_devices | The total NetScaler instances configured with Global server load balancing virtual servers |
| total_gw_devices | The total NetScaler instances that are enabled with SSL VPN |
| total_lb_devices | The total NetScaler instances configured with load balancing virtual servers |
| total_lb_devices_http | The total NetScaler instances configured with load balancing HTTP virtual servers |
| is_subscription_enabled | Whether the exporting configuration added by the subscription is enabled or not |
| telemetry_collected_at | The time at which the telemetry script is run |
| state | The current status (Up or Down) of the VPX instance |
| version | The build version of the devices |
| exp.events | The total number of analytics profiles used for exporting events |
| exp.managementlogs | The total number of analytics profiles used for exporting management logs |
| exp.metrics | The number of analytics profiles used for exporting metrics |
| exp.auditlogs | The number of analytics profiles used for exporting auditlogs to Splunk |
| exp.prometheus | The number of analytics profiles used for exporting to Prometheus |
| gw_hdx_insights | Whether HDX insight and Gateway Insight export enabled |
| collected_at | The time at which the telemetry script has collected the data |
| total_audit_logs | The total number of audit logs configured through the NextGen API |
| total_backends | The total number of backends configured through the NextGen API |
| total_frontends | The total number of frontends configured through the NextGen API |
| total_health_check | Total number of health_check resources configured through the NextGen API |
| total_http_redirects | The total number of HTTP-redirects configured through the NextGen API |
| total_http_responders | The total number of HTTP-responders configured through the NextGen API |
| total_load_balancing_settings | The total number of load-balancing settings configured through the NextGen API |
| total_routes | The total number of routes (policies) configured through the NextGen API |
| total_tls_settings | The total number of TLS settings configured through the NextGen API |
| total_http_settings | The total number of HTTP settings configured through the NextGen API |
| total_value_set | The total number of value sets configured through the NextGen API |
| total_wireshark_expressions | The total number of wireshark filters used to configure through the NextGen API |
| last_login_time | The timestamp of the user’s last login with the NextGen API |
| last_usage_time | The timestamp of the user’s last interaction with the NextGen API |
| ngapi_version | The NextGen API version |
| state | The current NextGen API status |
| total_applications | The total number of applications configured through the NextGen API |
| total_certificates | The total number of certificates installed through the NextGen API |
| total_failed_commit | The total number of NextGen API requests failed at commit stage |
| total_failed_install | The total number of NextGen API requests failed at install stage |
| total_login | The total number of logins into the NextGen API interface |
| total_request | The total number of requests done through the NextGen API interface |
| total_resources | The total number of NextGen API resources (applications, certificates, health_checks, and so on) configured through the NextGen API |
| svpn_tot_client_type_AGENT | The total number of Citrix Secure Access clients for Windows |
| svpn_tot_client_type_IOS | The total number of Citrix Secure Access clients for iOS |
| svpn_tot_client_type_MAC | The total number of Citrix Secure Access clients for macOS |
| svpn_tot_client_type_ANDROID | The total number of Citrix Secure Access clients for Android |
| svpn_tot_client_type_CVPN | The total number of users or devices accessing the Citrix resources through clientless VPN |
| svpn_tot_client_type_ICA | The total number of Citrix Secure Access clients for ICA access |
| ns_svpn_tot_epa_failed | The total number of EPA checks failed |
| ns_svpn_tot_epa_quarantine | The total number of EPA checks failed with quarantine |
NetScaler Console deployment and feature usage
| Parameters | Description |
|---|---|
| platform | The platform where the NetScaler Console is hosted. For example, Citrix Hypervisor |
| csp | Whether the tenant is Citrix Service provider |
| customer_onboard_date | The date when Citrix Cloud is onboarded |
| Customer_type | Whether the customer is an external or an internal customer |
| Email ID of the Citrix Cloud ID (collected from Citrix Cloud) | |
| end_date | The NetScaler Console SKU end date |
| product_sku | The product SKU |
| product_sku_description | The description of the product SKU |
| service_type | The service type of tenants |
| session_count | The number of logins in the last day |
| start_date | The NetScaler Console SKU start date |
| state | The NetScaler Console SKU status |
| built_in_agents | The built-in agents used by the NetScaler instances to communicate with NetScaler Console service |
| page_views | The total page view /visit count in NetScaler Console GUI |
| smart_deployment | The count of CADS deployment |
| botinsight_usage | Whether bot insight is enabled (yes or no) |
| data_from_adm_service | |
| adm_pop | The NetScaler Console service PoP name |
| model_id | The NetScaler model type |
| total_haproxy_device | The total count of devices with the type “haproxyhost” |
| version | The NetScaler build, version, and release date |
| is_agt | Checks if agent is configured or not |
| is_cloud | Checks if NetScaler Console deployment is NetScaler Console service or NetScaler Console on-prem |
| number_of_ns_upgrade_jobs | The total upgrade jobs used |
| webinsight | Whether Web Insight is enabled in lb or cs virtual server |
| webinisight_usage | Whether any active hdx sessions (yes or no) |
| adm_analyt_hdx_apps | The total number of requests from the device that has HDX insight enabled |
| adm_analyt_hdx_users | The users count connected through Virtual Desktop |
| adm_analyt_sec_insight | The total number of requests from the device that has Security insight enabled |
| adm_analyt_webinsight | The total number of requests from the device that has Web insight enabled |
| anomalyinsight | Indicates whether the request feature is enabled in the lb or cs virtual server |
| count | The total issue count related to analytics |
| feature | The feature category for the identified issue. The feature can be BOT_INSIGHT, DEVICE, GATEWAY_INSIGHT, HDX_INSIGHT, SECURITY_INSIGHT, SERVICE_GRAPH, SWG_INSIGHT, WEB_INSIGHT, WEB_SECURITY_BOT_INSIGHT |
| feature | The analytics feature enabled on the load balancing virtual servers |
| feature | The analytics feature enabled on the content switching virtual servers |
| feature | The analytics feature enabled on the VPN virtual servers |
| gwinsight | Indicates whether ICA_REQUEST feature is enabled on a VPN virtual server |
| gwinsight_usage | Indicates whether any HDX users in the last day (yes or no) |
| ge_hdx_insights | The export of HDX insight and Gateway insight enabled |
| issue_type | The issue category for which the identified issue belongs to. For example, licensing, configuration |
| secinsight | Indicates whether the security insight is enabled in the lb or cs virtual server |
| secinsight_usage | Whether any security attacks found in the last day (yes or no) |
| sub_issue_type | The sub-issue category for the identified issue. The sub issue can be NO_VIPS_LICENSED, BOT_INSIGHT_IN_ACTION_DISABLED, NS_FEATURE_DISABLED, VSERVER_WITHOUT_BOT_POLICY_BINDING, NO_COLLECTORS_PRESENT, APPFLOWPARAM_DISABLED, ICA_APPFLOW_POLICY_BINDING, VSERVER_WITHOUT_APPFIREWALL_POLICY_BINDING, SECURITY_INSIGHT_IN_ACTION_DISABLED, NO_CPX_VIPS_PRESENT, COLLECTOR_UNBOUND_IN_VSERVER, VSERVER_WITHOUT_APPFLOW_POLICY_BINDING |
| total_api_discovery | The total NetScaler instances receiving API requests |
| total_csvserver_ft_enabled | The total content switching virtual servers where at least one analytics feature is enabled |
| total_lbvserver_ft_enabled | The total load balancing virtual servers where at least one analytics feature is enabled |
| total_web_transaction_analytics | The total NetScaler instances enabled with Web transaction analytics |
| agt_pl_azure | The agent platform type |
| agt_pl_citrix_hypervisor | The agent platform type |
| agt_pl_docker | The agent platform type |
| agt_pl_esx | The agent platform type |
| agt_pl_hyper_v | The agent platform type |
| agt_pl_gcp | The agent platform type |
| agt_pl_kvm | The agent platform type |
| agt_pl_kubernetes | The agent platform type |
| agt_pl_unknown | The agent platform type |
| agt_pl_aws | The agent platform type |
| agent_id | The unique ID of the deployed agent |
| city | The city where agent is deployed |
| country | The country where agent is deployed |
| platform | The platform where the NetScaler Console is hosted. For example, Citrix Hypervisor |
| region | The region where agent is deployed |
| total_active_agents | The total agents that in UP state |
| version | The agent version |
| city | The datacenter city |
| isCloud | Whether it is on-prem or cloud |
| total_k8s | The NetScaler Console hosted on the Kubernetes cluster. The total Kubernetes clusters |
| total_apps | The total applications in NetScaler Console |
| total_custom_sites | The total custom sites configured in NetScaler Console |
| total_managed_apps | The total managed applications in NetScaler Console |
| total_custom_apps | The total custom applications in NetScaler Console |
| root | The NetScaler Console disk utilization details in /var, /root, /flash, /var/mps directories |
| total | The total NetScaler Console disk space (Unit: Bytes) |
| used | The total utilized NetScaler Console disk space |
| free | The total available NetScaler Console disk space |
| total_api_requests | The total requests through API to NetScaler Console in the last 24 hours. This also includes remote proxy users (requests from the agent). |
| total_api_external_requests | The total requests through API to NetScaler Console that exclude the requests from the agent |
| total_gui_requests | The total users logged in to the NetScaler Console GUI in the last 24 hours |
| total_users | The total count of NetScaler Console local users |
| total_config_audit | The total Config Audit template configured in NetScaler Console |
| total_config_job | The total Config jobs created in NetScaler Console |
| total_ssl_certs | The total SSL certification that are created/modified/deleted from NetScaler Console |
| total_custom_event_rules | The total custom event rules created in NetScaler Console |
| total_success_preauth_requests | The count of successful requests to generate the pre-auth tokens |
| total_event_rules | The total event rules created in NetScaler Console |
| total_ingress_deployed | The total ingress controllers in Kubernetes. |
| total_ipam | The total IPAM providers added in NetScaler Console |
| total_ipam_configured | The total IPAM networks added in NetScaler Console |
| total_network_report | The total Network Report created in NetScaler Console |
| total_pager_duty_profile | The total PagerDuty profiles added in NetScaler Console |
| total_rbac_groups | The total RBAC groups configured in NetScaler Console |
| total_slack_profile | The total Slack profiles added in NetScaler Console |
| total_ssl_certs | The total SSL certification that are created/modified/deleted from NetScaler Console |
| total_stylebook_config_store_count | The total config packs created in NetScaler Console |
| total_user_sb_stylebook_count | The total custom config packs created in NetScaler Console |
| configpack | The total number of stored configpack from StyleBooks |
| export_end_point | The end point where the data is sent. |
| export_frequency | The data export is hourly or daily |
| export_type | The destination where the date is sent. Example: Splunk, New Relic |
| gather_feature | What data is exported. Example: WAF, Bot |
| subscribed_by | The user who has added the observability configuration |
| subscription_name | The subscription name to identify the configuration |
| subscription_notification_enabled | Whether any notification setting is enabled for the export |
*The information collected through telemetry, such as email addresses, user names, and IP addresses, is securely pseudonymised by hashing the information at the source using one-way hashing algorithms. As a result, Citrix cannot access or read these values. This telemetry data is used solely for logical asset-matching purposes.
Data governance for NetScaler telemetry program
Copied!
Failed!