?
Solved

Citrix Access Gateway - Reading the Audit Log

Posted on 2015-02-11
2
Medium Priority
?
241 Views
Last Modified: 2015-02-24
Client has a Citrix Access Gateway (phyiscal) running software 5.0.4 (latest).

They want to be able to review the Audit Logs and report on what user came in from what IP.

I have setup the Audit Log transfer to an FTP server and that works fine. Now the client needs to be able to review those logs. The raw data is stored in TEXT files (annoyingly without column headings!!).

Here is a snip it from the log:
0.0.0.0 - 8080874791657725504:user1\:: [11/Feb/2015:09:48:03 00400] "" - - "" "" Logout "Idle Timeout"
0.0.0.0 - 3820405373289224011:user1\:: [11/Feb/2015:09:52:03 00400] "" - - "" "" Logout "Idle Timeout"
0.0.0.0 - 3047373008680520109:user2\:: [11/Feb/2015:10:01:03 00400] "" - - "" "" Logout "Idle Timeout"
0.0.0.0 - 1770602356344558806:user3\:: [11/Feb/2015:10:03:03 00400] "" - - "" "" Logout "Idle Timeout"
0.0.0.0 - 4697676139107208028:user4\:: [11/Feb/2015:10:25:03 00400] "" - - "" "" Logout "Idle Timeout"
86.96.226.5 - 155248044720429937:user5\:Access: [11/Feb/2015:10:43:14 00400] "" - - "" "" Login "NavUI"
- - -::[11/Feb/2015:10:47:19 00400]"" - - "" "" "STA-Validation" "STA740D751AFC39" "http://server:80/Scripts/CTXSta.dll" "STA Ticket validation SUCCESS"
86.96.226.5 - user5::[11/Feb/2015:10:47:19 00400]"" - - "" "" "SG-Traffic" "Lotus Notes" "10.156.103.10:2598" "CGP" "ICA ACL Check SUCCESS"
86.96.226.5 - domainname\user5::[11/Feb/2015:10:47:19 00400]"" - - "" "" "SG-Traffic" "Lotus Notes" "10.156.103.10:2598" "CGP" "Application launch SUCCESS"

0.0.0.0 - 6956428814212440291:client1\:: [11/Feb/2015:11:14:03 00400] "" - - "" "" Logout "Idle Timeout"
195.229.241.187 - 0:user6\:Access: [11/Feb/2015:11:18:11 00400] "" - - "" "" Login "Login failed"
195.229.241.187 - 8259626861271587592:user6\:Access: [11/Feb/2015:11:18:15 00400] "" - - "" "" Login "NavUI"
- - -::[11/Feb/2015:11:21:31 00400]"" - - "" "" "STA-Validation" "STA740D751AFC39" "http://server:80/Scripts/CTXSta.dll" "STA Ticket validation SUCCESS"

Does any:
Know what all the headings should be?
Have any way of importing and sorting the data into a format the client can filter on?

Thanks
Mark
0
Comment
Question by:Mark Galvin
  • 2
2 Comments
 
LVL 13

Accepted Solution

by:
Mark Galvin earned 0 total points
ID: 40628005
Using PowerQuery in Excel we were able to manipulate the data so that it was in a a format we could use and then report on.

Thanks
Mark
0
 
LVL 13

Author Closing Comment

by:Mark Galvin
ID: 40628006
Using PowerQuery in Excel we were able to manipulate the data so that it was in a a format we could use and then report on.

Thanks
Mark
0

Featured Post

Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Citrix policies are the most efficient method to configure and tune XenDesktop environments, allowing organizations to control connection, security and bandwidth settings based on various combinations of users, devices or connection types.  Citrix …
#CITRIX #XENDESKTOP #POC #Citrix Studio
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question