Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Citrix Access Gateway - Reading the Audit Log

Posted on 2015-02-11
Last Modified: 2015-02-24
Client has a Citrix Access Gateway (phyiscal) running software 5.0.4 (latest).

They want to be able to review the Audit Logs and report on what user came in from what IP.

I have setup the Audit Log transfer to an FTP server and that works fine. Now the client needs to be able to review those logs. The raw data is stored in TEXT files (annoyingly without column headings!!).

Here is a snip it from the log: - 8080874791657725504:user1\:: [11/Feb/2015:09:48:03 00400] "" - - "" "" Logout "Idle Timeout" - 3820405373289224011:user1\:: [11/Feb/2015:09:52:03 00400] "" - - "" "" Logout "Idle Timeout" - 3047373008680520109:user2\:: [11/Feb/2015:10:01:03 00400] "" - - "" "" Logout "Idle Timeout" - 1770602356344558806:user3\:: [11/Feb/2015:10:03:03 00400] "" - - "" "" Logout "Idle Timeout" - 4697676139107208028:user4\:: [11/Feb/2015:10:25:03 00400] "" - - "" "" Logout "Idle Timeout" - 155248044720429937:user5\:Access: [11/Feb/2015:10:43:14 00400] "" - - "" "" Login "NavUI"
- - -::[11/Feb/2015:10:47:19 00400]"" - - "" "" "STA-Validation" "STA740D751AFC39" "http://server:80/Scripts/CTXSta.dll" "STA Ticket validation SUCCESS" - user5::[11/Feb/2015:10:47:19 00400]"" - - "" "" "SG-Traffic" "Lotus Notes" "" "CGP" "ICA ACL Check SUCCESS" - domainname\user5::[11/Feb/2015:10:47:19 00400]"" - - "" "" "SG-Traffic" "Lotus Notes" "" "CGP" "Application launch SUCCESS" - 6956428814212440291:client1\:: [11/Feb/2015:11:14:03 00400] "" - - "" "" Logout "Idle Timeout" - 0:user6\:Access: [11/Feb/2015:11:18:11 00400] "" - - "" "" Login "Login failed" - 8259626861271587592:user6\:Access: [11/Feb/2015:11:18:15 00400] "" - - "" "" Login "NavUI"
- - -::[11/Feb/2015:11:21:31 00400]"" - - "" "" "STA-Validation" "STA740D751AFC39" "http://server:80/Scripts/CTXSta.dll" "STA Ticket validation SUCCESS"

Does any:
Know what all the headings should be?
Have any way of importing and sorting the data into a format the client can filter on?

Question by:Mark Galvin
  • 2
LVL 13

Accepted Solution

Mark Galvin earned 0 total points
ID: 40628005
Using PowerQuery in Excel we were able to manipulate the data so that it was in a a format we could use and then report on.

LVL 13

Author Closing Comment

by:Mark Galvin
ID: 40628006
Using PowerQuery in Excel we were able to manipulate the data so that it was in a a format we could use and then report on.


Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Citrix policies are the most efficient method to configure and tune XenDesktop environments, allowing organizations to control connection, security and bandwidth settings based on various combinations of users, devices or connection types.  Citrix …
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question