Solved

Gathering IIS EXTERNAL connection logs?

Posted on 2015-01-20
4
131 Views
Last Modified: 2015-01-26
Hi,

I need to gather the  details (Source IPs and date/time) of external client's IP details on some Citrix 5.0 XenApp Secure Gateway servers, running on server 2008.

Both, the IIS logs at D:\inetpub\logs\logfiles and Citrix logs at C:\Program Files (x86)\Citrix\Secure Gateway\logs are only showing internal IP details.

Is there anywhere else i can look?

thanks

m
0
Comment
Question by:mk112233
  • 2
4 Comments
 
LVL 7

Expert Comment

by:DrAtomic
Comment Utility
No not really, at least not on the server level. Apparently the connections to the servers are being translated at the network level; this basicly means that for logging purposes in your current configuration you need to be at the network level as well and then match the external connection to the natted ip address to find a match.
0
 
LVL 24

Expert Comment

by:Sekar Chinnakannu
Comment Utility
You can try this by configuring the Client-IP Address Logging on IIS Server http://support.citrix.com/article/CTX125526 to get client ip.
0
 
LVL 7

Accepted Solution

by:
DrAtomic earned 500 total points
Comment Utility
You can try this by configuring the Client-IP Address Logging on IIS Server http://support.citrix.com/article/CTX125526 to get client ip.

Adding a custom http header like that will need to be supported on both ends for it to actually end up in the logging; translation you need the network device/setup/infrastructure to add the client source IP to the http header before passing on the packets.

This will solve his issue going forward however it will not fix the existing logs, the only way to go about that is to manually match the logfiles from the network with those from IIS.
0
 

Author Comment

by:mk112233
Comment Utility
Would it be possible to produce custom Citrix logs of individual AD user activity?

We are also using apsense.

Basically just need if / when a particular set of users login to the portal...

Thanks

m
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now