Subscribe to the Taegis™ XDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

Citrix ADC Integration Guide

integrations network citrix

Citrix ADC should be configured to send logs via syslog to the Taegis™ XDR Collector. Please follow the instructions in Citrix’s documentation to configure audit logging.

Connectivity Requirements

Source Destination Port/Protocol
Citrix ADC Taegis™ XDR Collector (mgmt IP) UDP/514

Data Provided from Integrations

  Auth DNS HTTP Management Netflow NIDS Process Thirdparty
Citrix ADC D   D Y D    

Y = Normalized | D = Out-of-the-Box Detections | V = Vendor-Specific Detections


Taegis™ XDR detectors are not guaranteed to be triggered, even if a data source's logs are normalized to a schema associated with a given detector. However, you can create Custom Alert Rules to generate alerts based on normalized data from a data source.

Configuration Instructions

To configure Citrix ADC to send logs to Secureworks® Taegis™ XDR via syslog, follow the instructions provided by Citrix to configure audit log policies.

Ensure you complete the following fields with the correct values:


Citrix ADC events are normalized as Secureworks® Taegis™ XDR Sensor Type Netscaler.


On this page: