Citrix ADC Monitoring
With Citrix ADC monitoring, uberAgent collects appliance & gateway performance, utilization, and inventory data from Citrix Application Delivery Controllers (formerly NetScaler ADC).
The uberAgent endpoint agent needs to be installed on a machine from where it can reach the physical or virtual Citrix ADC appliance(s). On Citrix Delivery Controllers (DDCs) the collection of ADC metrics is enabled by default. Of course, ADC metrics can also be retrieved from any other machine instead.
Citrix ADC monitoring is activated by default only on Citrix delivery controllers, as explained above. You can modify this behavior through the configuration setting
[CitrixADC_Config] in uberAgent’s configuration.
To completely disable collecting Citrix ADC metrics, disable the following metrics in the configuration:
If you have uberAgent already installed on one or more DDCs for Citrix site monitoring, it makes sense to also collect Citrix ADC metrics there. Make sure that the DDCs can communicate with the Citrix ADC management interface (NSIP) either through port 80 or, if you enabled
Secure Access Only for the NSIP, through port 443.
While DDCs may be the ideal place to capture Citrix ADC data for most customers, that may not be the case for everybody. As explained above, you can overwrite the setting
CollectADCInformation in the stanza
[CitrixADC_Config] to collect Citrix ADC metrics from any installed uberAgent endpoint. Make sure that this setting is only distributed to the machines that are intended for this purpose. If you distribute it to all machines where uberAgent is installed, every endpoint communicates with the Citrix ADC appliance(s) which could overload the appliance(s) and generate unnecessary data.
Besides network access, uberAgent also needs credentials to be able to login into the Citrix ADC appliances. It only needs to read information, hence using a user with the command policy read-only bound is the recommended option. Users with more privileges are also supported, but not recommended from a security perspective.
Create a user with the command policy read-only bound from CLI:
add system user nsread Password -externalAuth DISABLED -timeout 900 -maxsession 20 bind system user nsread read-only 100
This section explains the configuration via uberAgent’s configuration file. The configuration via GPO works accordingly.
Use the stanza
[CitrixADC_Config] to specify how uberAgent should connect to your appliance(s). If multiple
[CitrixADC_Config] stanzas are specified, the configured metrics are determined for each of them. Use one
[CitrixADC_Config] stanza per Citrix ADC pair.
Following are some examples of valid Citrix ADC configurations. More information on the parameters is available in the configuration file itself. Note that passwords can be encrypted.
Example 1: one Citrix ADC appliance manageable through HTTP (port 80). Data collection happens on DDCs only
[CitrixADC_Config] Server = 10.1.1.21 Username = nsread Password = Password Https = false CollectADCInformation = DDCOnly
Example 2: a Citrix ADC high-availability pair manageable through HTTPS (port 443). Data collection happens not on a DDC.
- If HTTPS is used, the entries in the setting
Servermust match those in the certificate bound to the NSIP.
- uberAgent collects performance information for the primary appliance only. So for best collection performance list the primary appliance first.
[CitrixADC_Config] Server = CitrixADC1.domain.local,CitrixADC2.domain.local Username = nsread Password = Password Https = True CollectADCInformation = True
Please see the system requirements page for details.