log collection plan for scenario where a web application is not working via netscaler

log collection plan for scenario where a web application is not working via netscaler

book

Article ID: CTX341787

calendar_today

Updated On:

Description

This article demonstrates a typical log collection plan for a scenario where a web application is not working.

Instructions

Perform below steps to capture logs for troubleshooting purpose

Turn ON logging:

                1: Turn on HAR logs
                steps: open client browser tab, open developer tools, click on 'network' tab>> enable 'preserve log' checkbox>> start recording logs.
                2: Client trace(optional. Recommended in GSLB/cluster scenarios)
                steps: start wireshark trace on client PC
                3: ADC debug:
                steps: ADC GUI>> configuration>>system>>Auditing>>change auditing syslog settings>>log level ‘All’
                4: Nstrace:
                steps: ADC GUI>> configuration>>system>>diagnostics>>start new nstrace>> packet size 0, capture master ssl keys ON>>click ‘start’>>’acknowledge’ prompt message>>Click ‘Ok’
                (If there is heavy traffic on device, please take filtered nstrace)

Reproduce the issue from same browser tab where HAR recording is ON

Note following contextual details:
Username
Client Public IP
NAT IP(If traffic is getting source address translated before reaching netscaler)
Timestamp(with Timezone)
               
Once issue is reproduced, capture the screenshot of error message being displayed by webpage.
               
Procedure to Turn OFF logging and save logs:

                1: Stop client trace (applicable If was turned ON)
                                Steps: Wireshark >> click 'capture' on menu bar >> 'stop capture' >> File >> 'save As'
                2: Stop ADC trace
                                steps: click 'Stop and Download' >> download trace file(s) and nssslkey
                3: Save browser logs
                                Steps: click 'stop recording network log' button >> click 'Export HAR file' button
                4: Turn off ADC debug.
                                Steps: ADC GUI>> configuration>>system>>Auditing>>change auditing syslog settings>>turn off 'debug' option in 'log level'
                5: Generate support file from netscaler
                                Steps: ADC GUI>> configuration>>System > Diagnostics > Technical Support, and then click Generate Technical Support File.
               
Recommendations:

>Captured log files should follow naming convention, so it is easier to identify its details:
Eg: nonworking_nstrace.cap, nonworking_clientside_capture.pcapng etc

>It is advised to verify ns.log and newnslog file covering issue time are captured properly in support file.
Else, these should be collected manually from /var/log/ and /var/nslog/ location respectively.
 

Powered by Wolken Software