Citrix ADC SSL Counters
Article ID: CTX132779
Updated On:
Description
This article contains information about the newnslog Secure Socket Layer (SSL) counters and its brief description.
Note: According to RFC6176 from Internet Engineering Task Force (ITEF), TLS servers must not support SSLv2. The ADC appliance does not support SSLv2 from release 12.1.
Using the Counters
Log on to the ADC using an SSH client, change to SHELL, navigate to the /var/nslog directory, and then use the ‘nsconmsg’ command to see comprehensive statistics using the different counters available. For the detailed procedure refer to Citrix Blog - NetScaler ‘Counters’ Grab-Bag!.
The newnslog SSL counters
The following table lists the newnslog SSL counters with a simple description of the counter.
| Counter | Description |
| ssl_tot_sslInfo_TotalTxCount | This counter tracks the number of SSL transactions on the NetScaler appliance. |
| ssl_tot_sslInfo_TotalSessionCount | This counter tracks the number of SSL sessions on the NetScaler appliance. |
| ssl_tot_sslInfo_SessionHits | This counter tracks the number of SSL session reuse hits on the NetScaler appliance. |
| ssl_tot_sslInfo_SessionMiss | This counter tracks the number of SSL session reuse misses on the NetScaler appliance. |
| ssl_tot_sslInfo_SessionNew | This counter tracks the number of new SSL sessions created on the NetScaler appliance. |
| ssl_tot_sslInfo_SessionBad | This counter tracks the number of bad SSL sessions on the NetScaler appliance. |
| ssl_tot_sslEvent_SSLv2CA | This counter tracks the number of client authentications done on SSLv2. |
| ssl_tot_sslInfo_SSLv2SessCount | This counter tracks the number of SSLv2 sessions on the NetScaler appliance. |
| ssl_tot_sslInfo_SSLv3SessCount | This counter tracks the number of SSLv3 sessions on the NetScaler appliance. |
| ssl_tot_sslInfo_TLSv1SessCount | This counter tracks the number of TLSv1 sessions on the NetScaler appliance. |
| ssl_tot_sslInfo_SessionExport | This counter tracks the total number of expired SSL sessions on the NetScaler appliance. |
| ssl_tot_sslInfo_SessionRenegotiate | This counter tracks the number of SSL session renegotiations on the NetScaler appliance. |
| ssl_tot_sslInfo_KeyEx_RSA_512 | This counter tracks the number of RSA 512-bit key exchanges on the NetScaler appliance. |
| ssl_tot_sslInfo_KeyEx_RSA_1024 | This counter tracks the number of RSA 1024-bit key exchanges on the NetScaler appliance. |
| ssl_tot_sslInfo_KeyEx_RSA_2048 | This counter tracks the number of RSA 2048-bit key exchanges on the NetScaler appliance. |
| ssl_tot_sslInfo_KeyEx_RSA_4096 | This counter tracks the number of RSA 4096-bit key exchanges on the NetScaler appliance. |
| ssl_tot_sslInfo_KeyEx_DH_512 | This counter tracks the number of Diffie- Hellman 512-bit key exchanges on the NetScaler appliance. |
| ssl_tot_sslInfo_KeyEx_DH_1024 | This counter tracks the number of Diffie- Hellman 1024-bit key exchanges on the NetScaler appliance. |
| ssl_tot_sslInfo_KeyEx_DH_2048 | This counter tracks the number of Diffie- Hellman 2048-bit key exchanges on the NetScaler appliance. |
| ssl_tot_sslInfo_Auth_RSA | This counter tracks the number of RSA authentications on the NetScaler appliance. |
| ssl_tot_sslInfo_Auth_DH | This counter tracks the number of Diffie-Hellman authentications on the NetScaler appliance. |
| ssl_tot_sslInfo_Auth_NULL | This counter tracks the number of Null authentications on the NetScaler appliance. |
| ssl_tot_sslInfo_Cipher_RC4_40 | This counter tracks the number of RC4 40-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Cipher_RC4_56 | This counter tracks the number of RC4 56-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Cipher_RC4_64 | This counter tracks the number of RC4 64-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Cipher_RC4_128 | This counter tracks the number of RC4 128-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Cipher_DES_40 | This counter tracks the number of DES 40-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Cipher_DES_56 | This counter tracks the number of DES 56-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Cipher_3DES_168 | This counter tracks the number of DES 168-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Cipher_RC2_40 | This counter tracks the number of RC2 40-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Cipher_RC2_56 | This counter tracks the number of RC2 56-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Cipher_RC2_128 | This counter tracks the number of RC2 128-bit cipher encryption on the NetScaler appliance. |
| ssl_tot_sslInfo_Cipher_IDEA_128 | This counter tracks the number of IDEA 128-bit cipher encryption on the NetScaler appliance. |
| ssl_tot_sslInfo_Cipher_NULL | This counter tracks the number of Null cipher encryption on the NetScaler appliance. |
| ssl_tot_sslInfo_Hash_MD5 | This counter tracks the number of MD5 hashes on the NetScaler appliance. |
| ssl_tot_sslInfo_Hash_SHA | This counter tracks the number of SHA hashes on the NetScaler appliance. |
| ssl_tot_sslInfo_SSLv2TxCount | This counter tracks the number of SSLv2 transactions on the NetScaler appliance. |
| ssl_tot_sslInfo_TLSv1TxCount | This counter tracks the number of TLSv1 transactions on the NetScaler appliance. |
| ssl_tot_sslInfo_TLSv1HandskCount | This counter tracks the number of SSL handshakes on TLSv1 on the NetScaler appliance. |
| ssl_tot_sslInfo_SSLv3HandskCount | This counter tracks the number of handshakes on SSLv3 on the NetScaler appliance. |
| ssl_tot_sslInfo_SSLv2HandskCount | This counter tracks the number of handshakes on SSLv2 on the NetScaler appliance. |
| ssl_tot_sslInfo_SSLv3Renego | This counter tracks the number of session renegotiation done on SSLv3. |
| ssl_tot_sslInfo_TLSv1Renego | This counter tracks the number of SSL session renegotiation done on TLSv1. |
| ssl_tot_sslEvent_SSLv3CA | This counter tracks the number of client authentications done on SSLv3. |
| ssl_tot_sslEvent_TLSv1CA | This counter tracks the number of client authentications done on TLSv1. |
| ssl_tot_sslEvent_BulkOff_RC4 | This counter tracks the number of RC4 encryption offloaded to the cryptography card. |
| ssl_tot_sslEvent_BulkOff_DES | This counter tracks the number of DES encryption offloaded to the cryptography card. |
| ssl_tot_sslEvent_BulkOff_AES | This counter tracks the number of AES encryption offloaded to the cryptography card. |
| ssl_tot_sslEvent_KeyExOff_RSA | This counter tracks the number of RSA key exchanges offloaded to the cryptography card. |
| ssl_tot_sslEvent_KeyExOff_DH | This counter tracks the number of DH key exchanges offloaded to the cryptography card. |
| ssl_tot_sslEvent_SignOff_RSA | This counter tracks the number of RSA sign operations offloaded to the cryptography card. |
| ssl_tot_sslInfo_Backend_SessionRe negotiate | This counter tracks the number of back-end SSL session renegotiation on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_TotalMaxS essMultiPlx | This counter tracks the number of back-end SSL sessions reused on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_TotalSess MultiPlxAttempts | This counter tracks the number of back-end SSL session multiplex attempts on the NetScaler appliance. |
| ssl_tot_sslInfo_Cipher_AES_128 | This counter tracks the number of AES 128-bit cipher encryption on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_TotalSess MultiPlxSuccess | This counter tracks the number of back-end SSL session multiplex successes on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_TotalSess MultiPlxFailure | This counter tracks the number of back-end SSL session multiplex failures on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_KeyEx_RS A_512 | This counter tracks the number of back-end RSA 512-bit key exchanges on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_KeyEx_RS A_1024 | This counter tracks the number of back-end RSA 1024-bit key exchanges on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_KeyEx_RS A_2048 | This counter tracks the number of back-end RSA 2048-bit key exchanges on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_SSLv3Ren ego | This counter tracks the number of back-end SSLv3 session renegotiations on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_KeyEx_D H_512 | This counter tracks the number of back-end DH 512-bit key exchanges on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_KeyEx_D H_1024 | This counter tracks the number of back-end DH 1024-bit key exchanges on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_KeyEx_D H_2048 | This counter tracks the number of back-end DH 2048-bit key exchanges on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_TLSv1Ren ego | This counter tracks the number of back-end TLSv1 session renegotiations on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Auth_RSA | This counter tracks the number of back-end RSA authentications on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Auth_DSS | This counter tracks the number of back-end DSS authentications on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Auth_DH | This counter tracks the number of back-end DH authentications on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Auth_NUL L | This counter tracks the number of back-end null authentications on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Cipher_DE S_40 | This counter tracks the number of back-end DES 40-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Cipher_DE S_56 | This counter tracks the number of back-end DES 56-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Cipher_3D ES_168 | This counter tracks the number of back-end 3DES 168-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Cipher_RC 4_40 | This counter tracks the number of back-end RC4 40-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Cipher_RC 4_56 | This counter tracks the number of back-end RC4 56-bit cipher encryption on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Cipher_RC 4_64 | This counter tracks the number of back-end RC4 64-bit cipher encryption on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Cipher_RC 4_128 | This counter tracks the number of back-end RC4 128-bit cipher encryption on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Cipher_RC 2_40 | This counter tracks the number of back-end RC2 40-bit cipher encryption on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Cipher_RC 2_56 | This counter tracks the number of back-end RC2 56-bit cipher encryption on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Cipher_RC 2_128 | This counter tracks the number of back-end RC2 128-bit cipher encryption on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Cipher_ID EA_128 | This counter tracks the number of back-end IDEA 128-bit cipher encryption on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Cipher_N ULL | This counter tracks the number of back-end null cipher encryption on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Hash_MD 5 | This counter tracks the number of back-end MD5 hashes on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Hash_SHA | This counter tracks the number of back-end SHA hashes on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_TotalSessi onCount | This counter tracks the number of back-end SSL sessions on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_SessionEx port | This counter tracks the number of back-end export sessions on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_TLSv1Sess Count | This counter tracks the number of back-end TLSv1 sessions on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_SSLv3Sess Count | This counter tracks the number of back-end SSLv3 sessions on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_TLSv1Han dskCount | This counter tracks the number of back-end TLSv1 handshakes on the NetScaler appliance. |
| ssl_tot_sslEvent_Backend_TLSv1C A | This counter tracks the number of back-end TLSv1 client authentications on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_SSLv3Han dskCount | This counter tracks the number of back-end SSLv3 handshakes on the NetScaler appliance. |
| ssl_tot_sslEvent_Backend_SSLv3C A | This counter tracks the number of back-end SSLv3 client authentications on the NetScaler appliance. |
| ssl_tot_sslInfo_Cipher_AES_256 | This counter tracks the number of AES 256-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Cipher_AE S_128 | This counter tracks the back-end AES 128-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_Backend_Cipher_AE S_256 | This counter tracks the back-end AES 256-bit cipher encryptions on the NetScaler appliance. |
| ssl_tot_sslInfo_SSLv3TxCount | This counter tracks the total number of SSLv3 transactions on the NetScaler appliance. |
| ssl_tot_sslInfo_Auth_DSS | This counter tracks the number total number of times DSS authorization is used on the NetScaler appliance. |
| ssl_cfg_tot_cards | This counter tracks the number of SSL crypto cards present on the NetScaler appliance. |
| ssl_cfg64_tot_sslcardstatus | Status of the SSL card. (1=UP, 0=DOWN) |
| ssl_num_cards_up | This counter tracks the number of SSL cards that have the status as UP. If the number of cards with the status UP is lower than a threshold, a failover is initiated. |
| ssl_cfg_tot_sslInfo_currSPS | This counter tracks the SSL sessions per second between client and NetScaler appliance. |
| ssl_cur_engine_state | This counter tracks the state of the SSL Engine (1=UP/0=DOWN). This state is decided based on SSL Feature/License status and minimum number of cards that have the status as UP. |
| ssl_cur_session_inuse | This counter tracks the number of active SSL in use. |
| ssl_tot_sw_enc_bytes_FE | This counter tracks the number of bytes encrypted in software on the front end. |
| ssl_tot_sw_enc_bytes_BE | This counter tracks the number of bytes encrypted in software on the back end. |
| ssl_tot_sw_dec_bytes_FE | This counter tracks the number of bytes decrypted in software on the front end. |
| ssl_tot_sw_dec_bytes_BE | This counter tracks the number of bytes decrypted in software on back-end |
| ssl_tot_hw_enc_bytes_FE | This counter tracks the number of bytes encrypted in hardware on the front end. |
| ssl_tot_hw_enc_bytes_BE | This counter tracks the number of bytes encrypted in hardware on the back end. |
| ssl_tot_hw_dec_bytes_FE | This counter tracks the number of bytes decrypted in hardware on the front end. |
| ssl_tot_hw_dec_bytes_BE | This counter tracks the number of bytes decrypted in hardware on the back end. |
| ssl_tot_enc_bytes_FE | This counter tracks the number of bytes encrypted on the front end. |
| ssl_tot_enc_bytes_BE | This counter tracks the number of bytes encrypted on the back end. |
| ssl_tot_dec_bytes_FE | This counter tracks the number of bytes decrypted on the front end. |
| ssl_tot_dec_bytes_BE | This counter tracks the number of bytes decrypted on the back end. |
| ssl_tot_enc_bytes | This counter tracks the number of bytes encrypted on the NetScaler appliance. |
| ssl_tot_dec_bytes | This counter tracks the number of bytes decrypted on the NetScaler appliance. |
| ssl_tot_sw_dec_bytes | This counter tracks the number of bytes decrypted in software. |
| ssl_tot_hw_dec_bytes | This counter tracks the number of bytes decrypted in hardware. |
| ssl_tot_sw_enc_bytes | This counter tracks the number of bytes encrypted in software. |
| ssl_tot_hw_enc_bytes | This counter tracks the number of bytes encrypted in hardware. |
| ssl_cur_q_size | This counter tracks the current queue size |
Issue/Introduction
This article contains information about the newnslog Secure Socket Layer (SSL) counters and its brief description.
Was this article helpful?
Yes
No
Powered by
