netscaler / netscaler.adc / 2.5.1 / module / nstrace Configuration for nstrace operations resource. | "added in version" 2.0.0 of netscaler.adc" Authors: Sumanth Lingappa (@sumanth-lingappa) preview | supported by communitynetscaler.adc.nstrace (2.5.1) — module
Install with ansible-galaxy collection install netscaler.adc:==2.5.1
collections: - name: netscaler.adc version: 2.5.1
Configuration for nstrace operations resource.
nf: description: - Number of files to be generated in cycle. type: float link: choices: - ENABLED - DISABLED description: - Includes filtered connection's peer traffic. type: str mode: choices: - TX - TXB - RX - IPV6 - NEW_RX - C2C - NS_FR_TX - APPFW - MPTCP - PolicyBased - HTTP_QUIC description: - 'Capturing mode for trace. Mode can be any of the following values or combination of these values:' - ' C(RX) Received packets before NIC pipelining (Filter does not work when C(RX) capturing mode is ON)' - ' C(NEW_RX) Received packets after NIC pipelining' - ' C(TX) Transmitted packets' - ' C(TXB) Packets buffered for transmission' - ' C(IPV6) Translated IPv6 packets' - ' C(C2C) Capture C(C2C) message' - ' C(NS_FR_TX) C(TX)/C(TXB) packets are not captured in flow receiver.' - ' C(MPTCP) C(MPTCP) master flow' - ' C(HTTP_QUIC) HTTP-over-QUIC stream data and stream events' - ' Default mode: C(NEW_RX) C(TXB)' elements: str type: list nsip: description: - The ip address of the NetScaler ADC appliance where the nitro API calls will be made. - The port can be specified with the colon (:). E.g. 192.168.1.1:555. required: true type: str size: description: - Size of the captured data. Set 0 for full packet trace. type: float time: description: - Time per file (sec). type: float merge: choices: - ONSTOP - ONTHEFLY - NOMERGE description: - Specify how traces across PE's are merged type: str nodes: description: - Nodes on which tracing is started. elements: int type: list state: choices: [] default: present description: - The state of the resource being configured by the module on the NetScaler ADC node. type: str fileid: description: - ID for the trace file name for uniqueness. Should be used only with -name option. type: str filter: description: - 'Filter expression for nstrace. Maximum length of filter is 255 and it can be of following format:' - ' <expression> [<relop> <expression>]' - '' - ' <relop> = ( && | || )' - '' - ' <expression> =:' - ' CONNECTION.<qualifier>.<qualifier-method>.(<qualifier-value>)' - '' - ' <qualifier> = SRCIP' - ' <qualifier-method> = [ EQ | NE ]' - ' <qualifier-value> = A valid IPv4 address.' - ' example = CONNECTION.SRCIP.EQ(127.0.0.1)' - '' - ' <qualifier> = DSTIP' - ' <qualifier-method> = [ EQ | NE ]' - ' <qualifier-value> = A valid IPv4 address.' - ' example = CONNECTION.DSTIP.EQ(127.0.0.1)' - '' - ' <qualifier> = IP' - ' <qualifier-method> = [ EQ | NE ]' - ' <qualifier-value> = A valid IPv4 address.' - ' example = CONNECTION.IP.EQ(127.0.0.1)' - '' - ' <qualifier> = SRCIPv6' - ' <qualifier-method> = [ EQ | NE ]' - ' <qualifier-value> = A valid IPv6 address.' - ' example = CONNECTION.SRCIPv6.EQ(2001:db8:0:0:1::1)' - '' - ' <qualifier> = DSTIPv6' - ' <qualifier-method> = [ EQ | NE ]' - ' <qualifier-value> = A valid IPv6 address.' - ' example = CONNECTION.DSTIPv6.EQ(2001:db8:0:0:1::1)' - '' - ' <qualifier> = IPv6' - ' <qualifier-method> = [ EQ | NE ]' - ' <qualifier-value> = A valid IPv6 address.' - ' example = CONNECTION.IPv6.EQ(2001:db8:0:0:1::1)' - '' - ' <qualifier> = SRCPORT' - ' <qualifier-method> = [ EQ | NE | GT | GE | LT | LE' - ' | BETWEEN ]' - ' <qualifier-value> = A valid port number.' - ' example = CONNECTION.SRCPORT.EQ(80)' - '' - ' <qualifier> = DSTPORT' - ' <qualifier-method> = [ EQ | NE | GT | GE | LT | LE' - ' | BETWEEN ]' - ' <qualifier-value> = A valid port number.' - ' example = CONNECTION.DSTPORT.EQ(80)' - '' - ' <qualifier> = PORT' - ' <qualifier-method> = [ EQ | NE | GT | GE | LT | LE' - ' | BETWEEN ]' - ' <qualifier-value> = A valid port number.' - ' example = CONNECTION.PORT.EQ(80)' - '' - ' <qualifier> = VLANID' - ' <qualifier-method> = [ EQ | NE | GT | GE | LT | LE' - ' | BETWEEN ]' - ' <qualifier-value> = A valid VLAN ID.' - ' example = CONNECTION.VLANID.EQ(0)' - '' - ' <qualifier> = CONNID' - ' <qualifier-method> = [ EQ | NE | GT | GE | LT | LE' - ' | BETWEEN ]' - ' <qualifier-value> = A valid PCB dev number.' - ' example = CONNECTION.CONNID.EQ(0)' - '' - ' <qualifier> = PPEID' - ' <qualifier-method> = [ EQ | NE | GT | GE | LT | LE' - ' | BETWEEN ]' - ' <qualifier-value> = A valid core ID.' - ' example = CONNECTION.PPEID.EQ(0)' - '' - ' <qualifier> = SVCNAME' - ' <qualifier-method> = [ EQ | NE | CONTAINS | STARTSWITH' - ' | ENDSWITH ]' - ' <qualifier-value> = A valid text string.' - ' example = CONNECTION.SVCNAME.EQ("name")' - '' - ' <qualifier> = LB_VSERVER.NAME' - ' <qualifier-method> = [ EQ | NE | CONTAINS | STARTSWITH' - ' | ENDSWITH ]' - ' <qualifier-value> = LB vserver name.' - ' example = CONNECTION.LB_VSERVER.NAME.EQ("name")' - '' - ' <qualifier> = CS_VSERVER.NAME' - ' <qualifier-method> = [ EQ | NE | CONTAINS | STARTSWITH' - ' | ENDSWITH ]' - ' <qualifier-value> = CS vserver name.' - ' example = CONNECTION.CS_VSERVER.NAME.EQ("name")' - '' - ' <qualifier> = INTF' - ' <qualifier-method> = [ EQ | NE ]' - ' <qualifier-value> = A valid interface id in the' - ' form of x/y.' - ' example = CONNECTION.INTF.EQ("x/y")' - '' - ' <qualifier> = SERVICE_TYPE' - ' <qualifier-method> = [ EQ | NE ]' - ' <qualifier-value> = ( SVC_HTTP | FTP | TCP | UDP | SSL |' - ' SSL_BRIDGE | SSL_TCP | NNTP | RPCSVR | RPCSVRS |' - ' RPCCLNT | SVC_DNS | ADNS | SNMP | RTSP | DHCPRA | ANY|' - ' MONITOR | MONITOR_UDP | MONITOR_PING | SIP_UDP |' - ' SVC_MYSQL | SVC_MSSQL | FIX | SSL_FIX | PKTSTEER |' - ' SVC_AAA | SERVICE_UNKNOWN )' - ' example = CONNECTION.SERVICE_TYPE.EQ(ANY)' - '' - ' <qualifier> = TRAFFIC_DOMAIN_ID' - ' <qualifier-method> = [ EQ | NE | GT | GE | LT | LE' - ' | BETWEEN ]' - ' <qualifier-value> = A valid traffic domain ID.' - ' example = CONNECTION.TRAFFIC_DOMAIN_ID.EQ(0)' - '' - ' eg: start nstrace -filter "CONNECTION.SRCIP.EQ(127.0.0.1) || (CONNECTION.SVCNAME.NE("s1") && CONNECTION.SRCPORT.EQ(80))"' - ' The filter expression should be given in double quotes.' - '' - 'common use cases:' - '' - Trace capturing full sized traffic from/to ip 10.102.44.111, excluding loopback traffic - start nstrace -size 0 -filter "CONNECTION.IP.NE(127.0.0.1) && CONNECTION.IP.EQ(10.102.44.111)" - '' - Trace capturing all traffic to (terminating at) port 80 or 443 - start nstrace -size 0 -filter "CONNECTION.DSTPORT.EQ(443) || CONNECTION.DSTPORT.EQ(80)" - '' - Trace capturing all backend traffic specific to service service1 along with corresponding client side traffic - start nstrace -size 0 -filter "CONNECTION.SVCNAME.EQ("service1")" -link ENABLED - '' - Trace capturing all traffic through Citrix ADC interface 1/1 - start nstrace -filter "CONNECTION.INTF.EQ("1/1")" - '' - Trace capturing all traffic specific through vlan 2 - start nstrace -filter "CONNECTION.VLANID.EQ(2)" - '' - Trace capturing all frontend (client side) traffic specific to lb vserver vserver1 along with corresponding server side traffic - start nstrace -size 0 -filter "CONNECTION.LB_VSERVER.NAME.EQ("vserver1")" -link ENABLED type: str nodeid: description: - Unique number that identifies the cluster node. type: float pernic: choices: - ENABLED - DISABLED description: - Use separate trace files for each interface. Works only with cap format. type: str skiprpc: choices: - ENABLED - DISABLED description: - skip RPC packets type: str api_path: default: nitro/v1/config description: - Base NITRO API path. - Define only in case of an ADM service proxy call type: str filename: description: - Name of the trace file. type: str filesize: description: - File size, in MB, treshold for rollover. If free disk space is less than 2GB at the time of rollover, trace will stop type: float capdroppkt: choices: - ENABLED - DISABLED description: - Captures Dropped Packets if set to C(ENABLED). type: str capsslkeys: choices: - ENABLED - DISABLED description: - Capture SSL Master keys. Master keys will not be captured on FIPS machine. - ' Warning: The captured keys can be used to decrypt information that may be confidential. The captured key files have to be stored in a secure environment' type: str nitro_pass: description: - The password with which to authenticate to the NetScaler ADC node. required: false type: str nitro_user: description: - The username with which to authenticate to the NetScaler ADC node. required: false type: str save_config: default: false description: - If C(true) the module will save the configuration on the NetScaler ADC node if it makes any changes. - The module will not save the configuration on the NetScaler ADC node if it made no changes. type: bool traceformat: choices: - NSCAP - PCAP description: - Format in which trace will be generated type: str skiplocalssh: choices: - ENABLED - DISABLED description: - skip local SSH packets type: str tracebuffers: description: - Number of 16KB trace buffers type: float inmemorytrace: choices: - ENABLED - DISABLED description: - Logs packets in appliance's memory and dumps the trace file on stopping the nstrace operation type: str nitro_protocol: choices: - http - https default: https description: - Which protocol to use when accessing the nitro API objects. type: str validate_certs: default: true description: - If C(false), SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. required: false type: bool doruntimecleanup: choices: - ENABLED - DISABLED description: - Enable or disable runtime temp file cleanup type: str nitro_auth_token: description: - The authentication token provided by a login operation. type: str version_added: 2.6.0 version_added_collection: netscaler.adc
changed: description: Indicates if any change is made by the module returned: always sample: true type: bool diff: description: Dictionary of before and after changes returned: always sample: after: key2: pqr before: key1: xyz prepared: changes done type: dict diff_list: description: List of differences between the actual configured object and the configuration specified in the module returned: when changed sample: - 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>) PQR' type: list failed: description: Indicates if the module failed or not returned: always sample: false type: bool loglines: description: list of logged messages by the module returned: always sample: - message 1 - message 2 type: list