Forum Discussion

MiteshAgrawal's avatar
MiteshAgrawal
Copper Contributor
May 01, 2020

How to Integrate Citrix NetScaler with Azure Sentinel?

Hi Everyone,   Hope you guys are doing good amid this pandemic.   I want to integrate Citrix NetScaler ith Azure Sentinel. I have found the below link to configure Citrix NetScaler to forward log...
MiteshAgrawal's avatar
MiteshAgrawal
Copper Contributor
May 02, 2020

Hi Rod_Trent ,

 

Thanks for the quick reply. Can't we get logs without using any Linux machine in betweeen?

 

Regards,

Mitesh Agrawal

Rod_Trent's avatar
Rod_Trent
Icon for Microsoft rankMicrosoft
May 03, 2020

MiteshAgrawal If the Citrix device can support other formats like .csv or .json, then you could use a Windows box as the forwarder. Just setup a custom log (https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-sources-custom-logs) and install the Log Analytics agent on the Windows box.

 

Not suggesting I know that the Citrix device supports that, but you'll have to check with the vendor to see if they provide alternate instructions.

  • MiteshAgrawal's avatar
    MiteshAgrawal
    Copper Contributor
    May 04, 2020

    Rod_Trent, so if I use Windows forwarder, then I need to write a custom parser to parse the logs received from the forwarder to Azure right? Do we have any documents by following which I can write such parsers.

     

    Also, I have one more doubt. Whether can we use the same windows forwarder for Citrix forwarder and any other syslog device? I mean how Azure will differentiate between the log sources if they both can use the same?

     

    Please help.

     

    Regards,

    Mitesh Agrawal

Resources