Configuring logging

Logs are crucial when troubleshooting AppFirewall issues. For AppFirewall to log any requests when one of the configured protections receives a hit, logging needs to be enabled for that specific protection. These logs are written to /var/log/ns.log. In the interest of preserving them for longer than the NetScaler logging process permits, you can also consider sending them to a syslog server through a syslog policy.

Logging works independent of blocking. To explain this, consider the following screenshot:

Configuring logging

As a result of this configuration:

  • CSRF violations will both be blocked and all blocking will be logged
  • XSS attacks will not be ...

Get Troubleshooting NetScaler now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial