Allowing Requests with URLs that have "?q=%*" and Blocking Requests with URLs that have "%" on NetScaler


Article ID: CTX131682


Description

Consider the following scenario: you had a filter to drop any request that has "%" in the URL query. Your website now supports the Simplified Chinese language, and therefore you want to add a filter that allows requests with the "?q=%*" expression in the URL query and drops all other requests that have "%".

Complete the following steps to configure this policy:

  1. Run the following command to add an advanced policy expression:
    add policy expression pol_expr_CompanyA_character_check "http.REQ.URL.CONTAINS(\"<\")||(!http.REQ.URL.CONTAINS(\"?q=%\") && http.REQ.URL.CONTAINS(\"%\"))"

  2. Run the following command to add additional logs to the newnslog file for troubleshooting any issues:
    add audit messageaction log_CompanyA_character_check ALERT "\"Request from \"+CLIENT.IP.SRC+\" was requested \"+HTTP.REQ.URL.HTTP_URL_SAFE+\" , and used this browser: \"+HTTP.REQ.HEADER(\"User-Agent\").HTTP_HEADER_SAFE" -logtoNewnslog YES

  3. Run the following command to add a responder policy to drop requests:
    add responder policy pol_resp_CompanyA_character_drop "http.REQ.HOSTNAME.CONTAINS(\"beta.CompanyA.com\") && pol_expr_CompanyA_character_check" DROP DROP -logAction log_CompanyA_character_check

  4. Bind the policy globally or to a virtual server.
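Before binding, the expression from step 1 can be checked offline against representative URLs. The following Python model is an added example, not part of the Citrix article or NetScaler itself; `drops` mirrors the substring logic of `pol_expr_CompanyA_character_check`, while `drops_strict` is a hypothetical tighter check (an assumption, not NetScaler configuration) that accepts "%" only in the value of a leading `q` parameter. All sample URLs are constructed.

```python
from urllib.parse import urlsplit

def drops(url: str) -> bool:
    """Mirror of pol_expr_CompanyA_character_check: case-sensitive substring tests."""
    return "<" in url or ("?q=%" not in url and "%" in url)

def drops_strict(url: str) -> bool:
    """Hypothetical stricter check: '%' is accepted only inside the value
    of a 'q' parameter that is the first parameter of the query string."""
    if "<" in url:
        return True
    parts = urlsplit(url)
    if "%" in parts.path:
        return True
    params = parts.query.split("&") if parts.query else []
    for index, param in enumerate(params):
        name, _, _value = param.partition("=")
        if "%" in param and not (index == 0 and name == "q"):
            return True
    return False

# Constructed sample URLs (path + query, as HTTP.REQ.URL would see them).
SAMPLE_URLS = [
    "/index.html",                           # no special characters
    "/search?q=%E4%B8%AD%E6%96%87",          # encoded Chinese search term
    "/files/report%20final.pdf",             # '%' without '?q=%'
    "/search?q=<b>",                         # '<' is always dropped
    "/search?q=%E4%B8%AD&lang=zh%2DCN",      # exemption applies to the whole URL
    "/search?lang=zh&q=%E4%B8%AD",           # 'q' not first, so '?q=%' is absent
]

def evaluate(urls=SAMPLE_URLS):
    """Return (url, article_expression_drops, strict_check_drops) per URL."""
    return [(u, drops(u), drops_strict(u)) for u in urls]

if __name__ == "__main__":
    for url, article, strict in evaluate():
        print(f"{url:40} article={'DROP' if article else 'allow':5} "
              f"strict={'DROP' if strict else 'allow'}")
```

The last two samples show the limits of a substring match: the "?q=%" exemption covers every other "%" in the same URL, and a legitimate search is dropped when `q` is not the first query parameter.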

Additional Resources

You can also set up the NetScaler appliance to externally capture these messages. Refer to the following Citrix Documentation for further information:

Issue/Introduction

This article describes how to allow requests with URLs that have "?q=%*" and block requests with URLs that have "%" on NetScaler.