We still have some cool engineers who want to ensure we have as much information out there to help with installations. There is no difference with Splunk get to work with NetScaler Application Firewall (AppFW). Here are the details that are actually displayed in Citrix Knowledge of the internal base (KB) CTX132533 Citrix Sales / SEs, but some have also asked to put the details in our blogs for easy access - hence, here it is ( written by Iryna Novosyolova)
Splunk installation :.
- Get installation package http://www.splunk.com/download?r=/product
- Install Splunk next steps in the installation wizard
- Get Splunk for Netscaler applying it :. http://splunk-base.splunk.com/apps/22345/splunk-for-citrix-netscaler-with-appflow
- Log in to Splunk
- Navigate App -.> Manage applications
6. Install the application from the file
7. Download the app from the tgz file
8. go to
9. Access NS GUI system -> Audit -> Policies. Add new policy. In the Create window Audit of politics, to name the policy and create a new server. Provide an IP address of the server where Splunk is installed and port 514 (Splunk must listen on this port). Confirm creation of the server and politics. Link globally.
10. Configure Application Firewall on Netscaler.
11. Go to Splunk -> Manager -> Data Inputs -> UDP. Make sure that the UDP port is 514, and is defined as sourcetype ns_log.
12. Access App -> Manage applications. Launch Splunk for Sitrix Netscaler. Go to App Firewall. If properly configured, there should be the picture like that.
Let us know if you have comments.
0 Komentar