Skip to content

Citrix Xencenter

Citrix Xencenter

About

XenCenter enables you to manage your XenServer or Citrix Hypervisor environment and deploy, manage, and monitor virtual machines from your Windows desktop machine.

Product Details

Vendor URL: Citrix Xencenter

Product Type: Hypervisor

Product Tier: Tier III

Integration Method: Syslog

Parser Details

Log Format: Syslog

Expected Normalization Rate: 100%

Data Label: CITRIX_XENCENTER

UDM Fields (list of all UDM fields leveraged in the Parser):

Event UDM Event Classification
custom filter principal.asset.hardware.cpu_number_cores
custom filter target.process.command_line
custom filter target.file.full_path
Xencenter metadata.product_name
Citrix metadata.vendor_name
custom filter metadata.product_event_type
custom filter metadata.description
custom filter observer.hostname
custom filter security_result.summary
custom filter security_result.category_details
custom filter additonal.fields

Product Event Types

Event UDM Event Classification
all others GENERIC_EVENT

Log Sample

<135>Nov 13 18:54:59 hostname1 xcp-rrdd-xenpm: [debug|hostname2|0 ||xcp-rrdd-xenpm] Found 240 states; with 48 CPUs this means 5 states per CPU

Sample Parsing

additional.fields["states per CPU"] = "5"
additional.fields["total_states"] = "240"
metadata.description = "Found 240 states; with 48 CPUs this means 5 states per CPU"
metadata.event_timestamp.seconds = 1699901699
metadata.event_timestamp.nanos = 0
metadata.event_type = "GENERIC_EVENT"
metadata.log_type = "CITRIX_XENCENTER"
metadata.product_event_type = "xcp-rrdd-xenpm"
metadata.product_name = "Xencenter"
metadata.vendor_name = "Citrix"
observer.hostname = "hostname1"
principal.asset.hardware.cpu_number_cores = "48"
security_result.category_details = "debug"
security_result.category_details = "0 "
security_result.summary = "xcp-rrdd-xenpm"