Jump to content
Welcome to our new Citrix community!

is it possible to log the source ip of a request to a data set or a pattern set?


Recommended Posts

Idea is to configure a responder policy and check if the http.req.url is listed in a pattern set (hosted on the netscaler itself), and if the condition is true => log the source ip to another pattern set.

Consequently, I can configure second responder policy, and verify if the source ip is listed in the first pattern set (filled up by the 1st responder policy). When the condition is true, i would block that request.

 

In that way, I would have some kind of auto block mechanism when someone (or something) tries to access specific url's (like /wp-admin or other similar stuff ...) that all subsequent request from that user would automatically be blocked

 

I don't know however, if it is somehow possible to fill up a pattern set as a responder action or a audit message action.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...