NetScaler Application Firewall Does Not Show/Generate Alerts Severity Messages in ns.log

NetScaler Application Firewall Does Not Show/Generate Alerts Severity Messages in ns.log

book

Article ID: CTX201705

calendar_today

Updated On:

Description

When a syslog server was added to the NetScaler, the ns.log stopped getting Alerts Severity Messages; only informational messages were displayed.

Resolution

To resolve this issue enable CEF Logging on NetScaler:

  1. On the NetScaler GUI navigate to Security.

  2. Click Application Firewall node.

  3. Select Change Engine Settings.

  4. Enable CEF Logging.

This will generate "ALERT" messages on the nslog/syslog and rules can be deployed from the Application Firewall logs viewer.

Issue/Introduction

When a Syslog server was added to the NetScaler, the ns.log stopped getting Alerts Severity Messages, only informational messages were displayed.

Additional Information

CTX136146 - Common Event Format (CEF) Logging Support in the Application Firewall

Powered by Wolken Software