Analytics‘ is the new talk in town. An analytics module plugged in to your network not only enable visibility in to a supposed to be ‘black box’ but also help you to generate meaningful run time matrices to take informed decisions and faster actions. No wonder such modules are becoming ‘need’ from ‘demand’ of clients. A versatile box like ‘NetScaler’ help you meet both your functional load balancing requirements and analytics need.

 NetScaler can function as a proxy server to a group of DNS servers. This enable you to capitalize performance and security advantages offered by NetScaler. As NetScaler can easily monitor incoming and outgoing traffic stream  it offers you a nice GUI based dashboard to get various statistics related to your DNS server. But how to get top ‘N’ enquired domains ? Tricky hmm… native action analytics module of ‘NetScaler’ is your answer.

 For those who are not familiar with action analytics can refer http://support.citrix.com/proddocs/topic/ns-main-appexpert-10-1-map/ns-stream-analytics-wrapper-con.html to understand its basic. Here are the steps on how to get this data on your ‘NetScaler’

  1. Create a selector expression using CLIENT.UDP.DNS.DOMAIN
  2. Using this selector create a stream identifier with desired sample count and interval
  3. Create a dns policy, we will use ‘collect stats for stream identifier created in step 2’ as rule for this policy and bind it globally with action as ‘no operation’. Confused ? Let me clarify
  1. You need a policy to collect stats for stream identifier, as we are referring to a UDP server here only possible option is to use a DNS policy. These collection methods always run ‘true’ if used as a rule
  2. DNS policies are allowed to be bound only globally
  3. As purpose of this policy is to collect statistics we will use a ‘DNS_NOP’ as action to ensure no side effectadd dns policy <POLICY NAME> “ANALYTICS.STREAM(\”<STREAM NAME>\”).COLLECT_STATS” DNS-NOP
    bind dns global <POLICY NAME> 100 -gotoPriorityExpression 65535 -type REQ_DEFAULT

Go to Action Analytics -> stream identifier ; select stream identifier, click on  action and select stream session. You will get a customizable dash board here get required statistics. Here is a sample for your reference

I am sure it’s a great tool for reporting and monitoring for network administrators. Can we use these capabilities for gain functional advantages like ‘ rate limiting top used urls ‘ enabling enhanced logging for a certain type of queries ? I will leave that as an open question for discussion. Do comment if you have any such requirement and want us to help you in achieving that.

 How about grouping queries based on query type or record types ( where you have more than one selector unlike a single selector used in this example ) and collecting stats for them. Stay tuned for next blog for yet another feature of amazing ‘NetScaler’ on this series