zoukankan      html  css  js  c++  java

  • nswl 收集日志

    nswl 收集日志

    参考链接:https://docs.citrix.com/en-us/citrix-adc/12-1/system/web-server-logging.html

    PS C:UsersLSGXDesktopxxxin> .
swl.exe -help
usage : nswl -[cmds] [cmd arguments]
        cmds  cmd arguments: -f <filename> -d debug
        -help          - detail help
        -start         - cmd arguments [starts weblogging]
        -verify        - cmd arguments [verifies config file]
        -addns         - cmd arguments [add a netscaler to conf file]
        -install       - cmd arguments [install program as a service ]
        -remove        - cmd arguments [remove service]
        -startservice  - start Netscaler Weblogging service
        -stopservice   - stop Netscaler Weblogging service
        -version       - prints the version info

PS C:UsersLSGXDesktopxxxin>
PS C:UsersLSGXDesktopxxxin> .
swl.exe -addns -f .log.conf
NSIP:192.168.195.91
userid:nsroot
password:Done !!
PS C:UsersLSGXDesktopxxxin>
PS C:UsersLSGXDesktopxxxin> .
swl.exe -start -f .log.conf

    log.conf 文件内容

    ##########
# This is the NSWL configuration file
# Only the default filter is active
# Remove leading # to activate other filters
##########

##########
# Default filter (default on)
# W3C Format logging, new file is created every hour or on reaching 10MB file size,
# and the file name is Exyymmdd.log
##########
Filter default 

begin default
	logFormat		W3C
	logInterval		Hourly
	logFileSizeLimit	10
	logFilenameFormat	Ex%{%y%m%d}t.log
end default

##########
# Netscaler caches example 
# CACHE_F filter covers all the transaction with HOST name www.netscaler.com and the listed server ip's
##########
#Filter CACHE_F HOST www.netscaler.com IP 192.168.100.89 192.168.100.95 192.168.100.52 192.168.100.53 ON

##########
# Netscaler origin server example
# Not interested in Origin server to Cache traffic transaction logging
##########
#Filter ORIGIN_SERVERS IP 192.168.100.64 192.168.100.65 192.168.100.66 192.168.100.67 192.168.100.225 192.168.100.226 192.168.100.227 192.168.100.228 OFF

##########
# Netscaler image server example
# all the image server logging.
##########
#Filter IMAGE_SERVER HOST www.netscaler.images.com IP 192.168.100.71 192.168.100.72 192.168.100.169 192.168.100.170 192.168.100.171 ON

##########
# NCSA Format logging, new file is created every day midnight or on reaching 20MB file size,
# and the file name is /datadisk5/NETSCALER/log/NS<hostname>/Nsmmddyy.log.
# Exclude objects that ends with .gif .jpg .jar.
##########
#begin ORIGIN_SERVERS
#	logFormat 		NCSA
#	logInterval 		Daily
#	logFileSizeLimit 	40
#	logFilenameFormat 	/datadisk5/ORGIN/log/%v/NS%{%m%d%y}t.log
#	logExclude		.gif .jpg .jar
#end ORIGIN_SERVERS

##########
# NCSA Format logging, new file is created every day midnight or on reaching 20MB file size,
# and the file name is /datadisk5/NETSCALER/log/NS<hostname>/Nsmmddyy.log with log record timestamp as GMT.
##########
#begin CACHE_F
#	logFormat 		NCSA
#	logInterval 		Daily
#	logFileSizeLimit 	20
#	logFilenameFormat /datadisk5/NETSCALER/log/%v/NS%{%m%d%y}t.log
#	logtime			GMT
#end CACHE_F


##########
# W3C Format logging, new file on reaching 20MB and the log file path name is
# atadisk6/NETSCALER/log/server's ip/Exmmyydd.log with log record timestamp as LOCAL.
##########
#begin IMAGE_SERVER
#	logFormat 		W3C
#	logInterval 		Size
#	logFileSizeLimit	20
#	logFilenameFormat /datadisk6/NETSCALER/log/%AEx%{%m%d%y}t
#	logtime			LOCAL
#end IMAGE_SERVER


##########
# Virtual Host by Name firm, can filter out the logging based on the host name by, 
##########

#Filter VHOST_F IP 10.101.2.151 NETMASK 255.255.255.0
#begin VHOST_F
#	logFormat		W3C
#	logInterval		Daily
#	logFileSizeLimit	10
#	logFilenameFormat /ns/prod/vhost/%v/Ex%{%m%d%y}t
#end VHOST_F

########## END FILTER CONFIGURATION ##########


NSIP	172.16.201.185	username	nsroot	password	230:1>0:1754434651,>*4*71>+3,33=/>3=-1+2-:(5(2-5,9*952.>6=1>,<77,4+9/>457<531118*;*321+>)83360170<616<6>.=2?74+3731;.?5610(=)4)550)46=.8/1*?.9-2*;4:2>/77:*>191<71/323*7-=2058);.2,>6?297:/1.849-1001>-5.9)5+>2?-17=)34<4=54-7+1.:400?(027655:.46<-72>6=+446.343

    启动 nswl 客户端程序:

    注意:收集的内容会写入 Ex*.log 文件中。

    查看收集的日志内容:

    How To Customize NetScaler Web Logging 

    https://support.citrix.com/article/CTX227457

    Created: 06 Sep 2017 Modified: 27 Sep 2017

    Objective

    This article describes how to configure NetScaler Web Logging (NSWL) client and customize NSWL logging.

    Instructions

    Enabling web logging feature on the NetScaler

    • We can enable web logging feature using the command “enable ns feature WL” on cli or on gui by check the Web Logging in Advanced features:
      

     Downloading NSWL client

    • Open the URL: https://www.citrix.com/downloads.html.
    • Log in to the site using your credentials.
    • Open the page for the required release number and build.
    • In the page, under Weblog Clients, click Download. The package has the name format as follows: Weblog-<release number>-<build number>.zip. In my case, it is nswl_win-11.1-52.13.

             

    Installing NSWL client on Windows server

    • Extract the nswl_win-11.1-52.13.zip file from the package.
    • Copy the extracted file to a Windows system on which you want to install the NSWL client.
    • On the Windows system, unzip the file in a directory (referred as <NSWL-HOME>). The following directories are extracted: bin, etc, and samples.

              

    • At the command prompt, run the following command from the <NSWL-HOME>in directory:
      nswl -install -f <directorypath>log.conf

    where, <directorypath> refers to the path of the configuration file (log.conf). By default, the file is in the <NSWL-HOME>etc directory. However, you can copy the configuration file to any other directory.

    Adding the NSIP

    • Run the command nswl –addns –f <directorypath>log.conf (Please note that the nswl client logging only work with the nsroot user. So, always add userid as nsroot)

    • Once the NSIP has been added, you will see the entry in the bottom of the log.conf file (etclog.conf)

    • Verify if the log.conf file is correct using the command nswl –verify –f <directorypath>log.conf

    • We can start the service using the command nswl –start –f <directorypath>log.con

    • Once we start the service, the logs will get generated in the <NSWL-HOME>in directory

              

    Customizing logging to get the client ip address on the nswl logs

    • By default the log format is w3c format.

              

    • The fields that we get in the w3c format are “date time c-ip cs-username sc-servicename s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status cs-bytes sc-bytes time-taken cs-version cs(User-Agent) cs(Cookie) cs(Referer)”

              

    • We can customize the logs as per the

              

    • To export the “X-Forwarded-For” field from the http header by the web logging feature, configure the Custom HTTP Request Header to “X-Forwarded-For” in the Global System Settings.

              

              

    • Then customize the log format to “custom %{%Y-%m-%d%H:%M:%S}t %a %u %S %A %p %m %U %q %s %j %J %T %H "%{user-agent}i" "%{cookie}i" "%{referer}i" "%{X-Forwarded-For}i" %T %M %e1 %e2”

              

    ================== End
  • 相关阅读:
    TCP/IP(四)网络层
    TCP/IP(二)物理层详解
    TCP/IP(一)之开启计算机网络之路
    TCP/IP中你不得不知的十大秘密
    ASP .NET Core 基本知识点示例 目录
    微服务 + Docker + Kubernetes 入门实践 目录
    ASP.NET Core 中的实时框架 SingalR
    ASP.NET Core WebAPI中使用JWT Bearer认证和授权
    .NET Core 中的通用主机和后台服务
    EF Core 实现多租户
  • 原文地址:https://www.cnblogs.com/lsgxeva/p/10479512.html
Copyright © 2011-2022 走看看