Configuring Flow Exports on Citrix Netscaler

AppFlow

AppFlow transmits information by using the Internet Protocol Flow Information eXport (IPFIX) format. IPFIX (the standardized version of Cisco’s NetFlow) is widely used to monitor network flow information of Citrix Netscaler devices.

AppFlow configuration on Citrix Netscaler involves AppFlow feature enabling, AppFlow settings, adding AppFlow collector, creating AppFlow action, creating AppFlow policies, and appending the policy created globally or individual virtual servers.

Configuration

For NetFlow analysis, you need to configure your devices to export flows to Site24x7 On-Premise Poller, which is the NetFlow collector. The On-Premise Poller will be listening to the particular port to receive flows. Learn how to find the port number of your On-Premise Poller.

The configuration steps for AppFlow on Citrix Netscaler is as follows:

Netscaler# enable feature AppFlow

Netscaler# set appflow param -httpUrl ENABLED -httpReferer ENABLED -httpMethod ENABLED -httpHost

ENABLED -httpUserAgent ENABLED -clientTrafficOnly YES

Netscaler# add appflow collector "NetFlow Analyzer" -IPAddress 192.168.1.100 - port 9996

Netscaler# add appflow action af_act_netflowanalyzer -collectors "NetFlow Analyzer"

Netscaler# add appflow policy af_pol_log-all true af_act_NetFlowAnalyzer

Netscaler# bind system global -policyName af_pol_log-all -priority 100 -gotoPriorityExpression

Was this document helpful?
Thanks for taking the time to share your feedback. We’ll use your feedback to improve our online help resources.