Citrix-ADM using localhost IP 127.0.0.1 to send syslog traffic to Splunk server

Citrix-ADM using localhost IP 127.0.0.1 to send syslog traffic to Splunk server

book

Article ID: CTX316674

calendar_today

Updated On:

Description

Citrix-ADM 13.0 76.29 is noted to be using localhost IP to send Syslog traffic instead of ADM IP to external Syslog server. As a result, Citrix ADM is not able to send the Syslog traffic to Splunk server successfully as seen below.
image.png
A tcpdump on Citrix ADM also shows traffic is generated and sent using localhost as below.

image.png

Resolution

This is a known issue, and the resolution is to upgrade the Citrix ADM to the fixed version i.e. 13.0 79.64 or above.

Problem Cause

ADM is using localhost IP to send syslog traffic, which is known issue NSADM-70074.

Powered by Wolken Software