nswl 收集日志
nswl 收集日志
参考链接:https://docs.citrix.com/en-us/citrix-adc/12-1/system/web-server-logging.html
PS C:\Users\LSGX\Desktop\xxx\bin> .\nswl.exe -help
usage : nswl -[cmds] [cmd arguments]
cmds cmd arguments: -f <filename> -d debug
-help - detail help
-start - cmd arguments [starts weblogging]
-verify - cmd arguments [verifies config file]
-addns - cmd arguments [add a netscaler to conf file]
-install - cmd arguments [install program as a service ]
-remove - cmd arguments [remove service]
-startservice - start Netscaler Weblogging service
-stopservice - stop Netscaler Weblogging service
-version - prints the version info PS C:\Users\LSGX\Desktop\xxx\bin>
PS C:\Users\LSGX\Desktop\xxx\bin> .\nswl.exe -addns -f .\log.conf
NSIP:192.168.195.91
userid:nsroot
password:Done !!
PS C:\Users\LSGX\Desktop\xxx\bin>
PS C:\Users\LSGX\Desktop\xxx\bin> .\nswl.exe -start -f .\log.conf
log.conf 文件内容
##########
# This is the NSWL configuration file
# Only the default filter is active
# Remove leading # to activate other filters
########## ##########
# Default filter (default on)
# W3C Format logging, new file is created every hour or on reaching 10MB file size,
# and the file name is Exyymmdd.log
##########
Filter default begin default
logFormat W3C
logInterval Hourly
logFileSizeLimit 10
logFilenameFormat Ex%{%y%m%d}t.log
end default ##########
# Netscaler caches example
# CACHE_F filter covers all the transaction with HOST name www.netscaler.com and the listed server ip's
##########
#Filter CACHE_F HOST www.netscaler.com IP 192.168.100.89 192.168.100.95 192.168.100.52 192.168.100.53 ON ##########
# Netscaler origin server example
# Not interested in Origin server to Cache traffic transaction logging
##########
#Filter ORIGIN_SERVERS IP 192.168.100.64 192.168.100.65 192.168.100.66 192.168.100.67 192.168.100.225 192.168.100.226 192.168.100.227 192.168.100.228 OFF ##########
# Netscaler image server example
# all the image server logging.
##########
#Filter IMAGE_SERVER HOST www.netscaler.images.com IP 192.168.100.71 192.168.100.72 192.168.100.169 192.168.100.170 192.168.100.171 ON ##########
# NCSA Format logging, new file is created every day midnight or on reaching 20MB file size,
# and the file name is /datadisk5/NETSCALER/log/NS<hostname>/Nsmmddyy.log.
# Exclude objects that ends with .gif .jpg .jar.
##########
#begin ORIGIN_SERVERS
# logFormat NCSA
# logInterval Daily
# logFileSizeLimit 40
# logFilenameFormat /datadisk5/ORGIN/log/%v/NS%{%m%d%y}t.log
# logExclude .gif .jpg .jar
#end ORIGIN_SERVERS ##########
# NCSA Format logging, new file is created every day midnight or on reaching 20MB file size,
# and the file name is /datadisk5/NETSCALER/log/NS<hostname>/Nsmmddyy.log with log record timestamp as GMT.
##########
#begin CACHE_F
# logFormat NCSA
# logInterval Daily
# logFileSizeLimit 20
# logFilenameFormat /datadisk5/NETSCALER/log/%v/NS%{%m%d%y}t.log
# logtime GMT
#end CACHE_F ##########
# W3C Format logging, new file on reaching 20MB and the log file path name is
# atadisk6/NETSCALER/log/server's ip/Exmmyydd.log with log record timestamp as LOCAL.
##########
#begin IMAGE_SERVER
# logFormat W3C
# logInterval Size
# logFileSizeLimit 20
# logFilenameFormat /datadisk6/NETSCALER/log/%AEx%{%m%d%y}t
# logtime LOCAL
#end IMAGE_SERVER ##########
# Virtual Host by Name firm, can filter out the logging based on the host name by,
########## #Filter VHOST_F IP 10.101.2.151 NETMASK 255.255.255.0
#begin VHOST_F
# logFormat W3C
# logInterval Daily
# logFileSizeLimit 10
# logFilenameFormat /ns/prod/vhost/%v/Ex%{%m%d%y}t
#end VHOST_F ########## END FILTER CONFIGURATION ########## NSIP 172.16.201.185 username nsroot password 230:1>0:1754434651,>*4*71>+3,33=/>3=-1+2-:(5(2-5,9*952.>6=1>,<77,4+9/>457<531118*;*321+>)83360170<616<6>.=2?74+3731;.?5610(=)4)550)46=.8/1*?.9-2*;4:2>/77:*>191<71/323*7-=2058);.2,>6?297:/1.849-1001>-5.9)5+>2?-17=)34<4=54-7+1.:400?(027655:.46<-72>6=+446.343
启动 nswl 客户端程序:
注意:收集的内容会写入 Ex*.log 文件中。
查看收集的日志内容:
How To Customize NetScaler Web Logging
https://support.citrix.com/article/CTX227457
Created: 06 Sep 2017 | Modified: 27 Sep 2017
Objective
This article describes how to configure NetScaler Web Logging (NSWL) client and customize NSWL logging.
Instructions
Enabling web logging feature on the NetScaler
- We can enable web logging feature using the command “enable ns feature WL” on cli or on gui by check the Web Logging in Advanced features:
Downloading NSWL client
- Open the URL: https://www.citrix.com/downloads.html.
- Log in to the site using your credentials.
- Open the page for the required release number and build.
- In the page, under Weblog Clients, click Download. The package has the name format as follows: Weblog-<release number>-<build number>.zip. In my case, it is nswl_win-11.1-52.13.
Installing NSWL client on Windows server
- Extract the nswl_win-11.1-52.13.zip file from the package.
- Copy the extracted file to a Windows system on which you want to install the NSWL client.
- On the Windows system, unzip the file in a directory (referred as <NSWL-HOME>). The following directories are extracted: bin, etc, and samples.
At the command prompt, run the following command from the <NSWL-HOME>\bin directory:
nswl -install -f <directorypath>\log.conf
where, <directorypath> refers to the path of the configuration file (log.conf). By default, the file is in the <NSWL-HOME>\etc directory. However, you can copy the configuration file to any other directory.
Adding the NSIP
Run the command nswl –addns –f <directorypath>\log.conf (Please note that the nswl client logging only work with the nsroot user. So, always add userid as nsroot)
Once the NSIP has been added, you will see the entry in the bottom of the log.conf file (\etc\log.conf)
Verify if the log.conf file is correct using the command nswl –verify –f <directorypath>\log.conf
We can start the service using the command nswl –start –f <directorypath>\log.con
- Once we start the service, the logs will get generated in the <NSWL-HOME>\bin directory
Customizing logging to get the client ip address on the nswl logs
- By default the log format is w3c format.
- The fields that we get in the w3c format are “date time c-ip cs-username sc-servicename s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status cs-bytes sc-bytes time-taken cs-version cs(User-Agent) cs(Cookie) cs(Referer)”
- We can customize the logs as per the
- To export the “X-Forwarded-For” field from the http header by the web logging feature, configure the Custom HTTP Request Header to “X-Forwarded-For” in the Global System Settings.
- Then customize the log format to “custom %{%Y-%m-%d%H:%M:%S}t %a %u %S %A %p %m %U %q %s %j %J %T %H "%{user-agent}i" "%{cookie}i" "%{referer}i" "%{X-Forwarded-For}i" %T %M %e1 %e2”
================== End
nswl 收集日志的更多相关文章
- nginx日志切割并使用flume-ng收集日志
nginx的日志文件没有rotate功能.如果你不处理,日志文件将变得越来越大,还好我们可以写一个nginx日志切割脚本来自动切割日志文件.第一步就是重命名日志文件,不用担心重命名后nginx找不到日 ...
- 使用开源软件sentry来收集日志
原文地址:http://luxuryzh.iteye.com/blog/1980364 对于一个已经上线的系统,存在未知的bug或者运行时发生异常是很常见的事情,随之而来的几点需求产生了: 1.系统发 ...
- ELK收集日志到mysql
场景需求 在使用ELK对日志进行收集的时候,如果需要对数据进行存档,可以考虑使用数据库的方式.为了便于查询,可以同时写一份数据到Elasticsearch 中. 环境准备 CentOS7系统: 192 ...
- 通过 Systemd Journal 收集日志
随着 systemd 成了主流的 init 系统,systemd 的功能也在不断的增加,比如对系统日志的管理.Systemd 设计的日志系统好处多多,这里笔者就不再赘述了,本文笔者主要介绍 syste ...
- rancher使用fluentd-pilot收集日志分享
fluentd-pilot简介 fluentd-pilot是阿里开源的docker日志收集工具,Github项目地址:https://github.com/AliyunContainerService ...
- ELK之使用kafka作为消息队列收集日志
参考:https://www.cnblogs.com/fengjian2016/p/5841556.html https://www.cnblogs.com/hei12138/p/7805475 ...
- 配置好Nginx后,通过flume收集日志到hdfs(记得生成本地log时,不要生成一个文件,)
生成本地log最好生成多个文件放在一个文件夹里,特别多的时候一个小时一个文件 配置好Nginx后,通过flume收集日志到hdfs 可参考flume的文件 用flume的案例二 执行的注意点 avro ...
- ELKStack入门篇(二)之Nginx、Tomcat、Java日志收集以及TCP收集日志使用
1.收集Nginx的json格式日志 1.1.Nginx安装 [root@linux-node1 ~]# yum install nginx -y [root@linux-node1 ~]# vim ...
- ELK之收集日志到mysql数据库
写入数据库的目的是持久化保存重要数据,比如状态码.客户端浏览器版本等,用于后期按月做数据统计等. 环境准备 linux-elk1:10.0.0.22,Kibana ES Logstash Nginx ...
随机推荐
- MSSQL清理日志\删除数据\收缩数据库
首先解释一下数据库的版本是SQL Server 2012.清除的数据库800多G,磁盘空间就剩10多G,数据量最多的表有2亿.目的就是清楚去年的数据(2017年之前),遇到了一些问题,总结起来就是三方 ...
- UVA - 12169 -扩展欧几里得算法
#include<iostream> #include<string.h> #include<algorithm> #include<stdio.h> ...
- Javascript模板引擎handlebars使用
源地址:http://rfyiamcool.blog.51cto.com/1030776/1278620 代码示例: <!DOCTYPE html> <html> <he ...
- iframe跨域解决方案
公司某个功能用的是iframe,由于跨域的原因,我们不能直接设置父级页面iframe的高度,所以用了一个中间页home来完成父级页面iframe的高度设置,这种中间页其实很多时候不好用,因为涉及到页面 ...
- C#复习笔记(4)--C#3:革新写代码的方式(扩展方法)
扩展方法 扩展方法有以下几个需求: 你想为一个类型添加一些 成员: 你不需要为类型的实例添加任何更多的数据: 你不能改变类型本身, 因为是别人的代码. 对于C#1和C#2中的静态方法,扩展方法是一种更 ...
- [转帖]Linux 的静态库与动态库
Linux下的静态库与动态库 2017年02月18日 09:17:13 LLZK_ 阅读数:10257 标签: linux动态库静态库区别使用 更多 个人分类: Linux学习笔记 所属专栏: Lin ...
- 小程序获取当前页面URL
var pages = getCurrentPages() //获取加载的页面 var currentPage = pages[pages.length-1] //获取当前页面的对象 var url ...
- Hbase表结构模型
- 记一次ntp反射放大ddos攻击
2018/3/26 ,共计310G左右的DDoS攻击 临时解决办法:将web服务转移到同生产一个内网段的备份服务器a上,a提供web端口80,数据库通过内网连接还是沿用生产数据库. 后续解决办法:通过 ...
- mvn clean deploy
如果是 mthrift的话,需要部署,就用 mvn clean deploy; 先进入 cd qcs.appeal.client ,然后执行:mvn clean deploy;