Blog

Citrix Session Recording Is Great!!!

by
HAL LANGE
September 13, 2016

I love that Smart Auditor has come back…..  er… I mean Session Recording.  This is an amazing tool. The only issues I have with this product is if you want to not use SSL and retention and back to multiple consoles.

I could complain about the multiple consoles, but that would be kicking a dead horse again and again.  We will leave that alone and hope that Citrix will consolidate eventually.

Citrix has documented very thoroughly on how to install Session Recording with SSL.  But what if you are with a client that doesn’t have an internal PKI solution and doesn’t want to buy a 3rd party cert for this.

To Configure the Session Recording without SSL, don’t choose a certificate during the installation.  You would believe this to be enough, except when the website is installed, it is setup to require SSL.  To fix this setting, open IIS admin and navigate to the SessionRecordingBroker site.  Choose SSL Settings, and uncheck require SSL.

The main problem is there is no interactive way to setup archiving of the Recordings.  If Citrix could develop a utility that would make it easy to configure the managing of the recordings it would be much nicer.  As of now, the only way to manage the recordings is with the icldb utility. https://docs.citrix.com/en-us/xenapp-and-xendesktop/xenapp-6-5/xenapp65-w2k8-wrapper/ps-sa-library-wrapper-v2/ps-sa-reference-wrapper-v2.html

Citrix has only listed the main commands in their document.  If you would like to learn more about the commands here is a full list of the options for each command

ARCHIVE:

ICLDB ARCHIVE /RETENTION:<days> [/LISTFILES] [/MOVETO:<dir>] [/NOTE:<note>]

[/L] [/F] [/S] [/?]

Archive session recording files older than the retention period specified.

This will mark files in the database as archived. Physical files will not

be moved unless the /MOVETO option is specified. Archiving a large number

of files may take some time.

/RETENTION:<days>  The retention period for session recording files. Files

older than this will be marked as archived in the

database. Retention period must be greater than 2 days.

/LISTFILES         List the path of files as they are being marked as

archived.

/MOVETO:<dir>      Specify a destination directory to which files are to be

physically moved. If this option is omitted, files will

remain in their original location.

/NOTE:<note>       Attach a text note to the database record for each

file that is archived.

/L           Log results and errors to the Windows event logs.

/F           Force command to run without prompting.

/S           Suppress copyright message.

/?           Display command help.

DORMANT:

ICLDB DORMANT [/DAYS:<days> | /HOURS:<hours> | /MINUTES:<minutes>]

[/LISTFILES] [/L] [/F] [/S] [/?]

Display or count the session recording files that are deemed as dormant.

Dormant files are session recordings that never completed due to data loss.

The search for dormant files can be made across the whole database or only

recordings made within the specified last number of days, hours, or minutes.

/DAYS:<days>       Limit the range of the dormant file search to the last

number of days specified.

/HOURS:<hours>     Limit the range of the dormant file search to the last

number of hours specified.

/MINUTES:<minutes> Limit the range of the dormant file search to the last

number of minutes specified.

/LISTFILES         List the file identifier for each dormant file found.

If this is omitted, only the count of dormant files will

be displayed.

/L           Log results and errors to the Windows event logs.

/F           Force command to run without prompting.

/S           Suppress copyright message.

/?           Display command help.

IMPORT:

ICLDB IMPORT [/LISTFILES] [/RECURSIVE] [/L] [/F] [/S] [/?]

[<file> …] [<directory> …]

Import session recording files into the database. The metadata contained

within each file will be read and database records created. Once a file is

imported, the file must not be moved or deleted.

/LISTFILES         List the files before importing.

/RECURSIVE         For directories specified, recursively search for files

in all sub-directories.

<file>             Name of file to import (wildcards permitted).

<directory>        Name of directory to search for files to import. Files

must have an .ICL extension. Sub-directories will be

searched if the /RECURSIVE switch is specified.

/L           Log results and errors to the Windows event logs.

/F           Force command to run without prompting.

/S           Suppress copyright message.

/?           Display command help.

LOCATE:

ICLDB LOCATE /FILEID:<id> [/L] [/F] [/S] [/?]

Locate and display the full path to a session recording file given a file

identifier.

/FILEID:<id>   Session recording file identifier or file name to search

for. This may be specified in either of the following two

formats:

xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

(example: 545e8304-cdf1-404d-8ca9-001797ab8090)

-or-

i_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.icl

(example: i_545e8304-cdf1-404d-8ca9-001797ab8090.icl)

/L           Log results and errors to the Windows event logs.

/F           Force command to run without prompting.

/S           Suppress copyright message.

/?           Display command help.

REMOVE:

ICLDB REMOVE /RETENTION:<days> [/LISTFILES] [/DELETEFILES]

[/L] [/F] [/S] [/?]

Remove references to session recording files older than the retention

period specified. This will only remove records from the database, unless

the /DELETEFILES option is specified.

/RETENTION:<days>  The retention period for session recording files.

Database records older than this will be removed.

Retention period must be greater than 2 days.

/LISTFILES         List the path of files as their database record is

being removed.

/DELETEFILES       Specify that the associated physical file is to be

deleted from disk.

/L           Log results and errors to the Windows event logs.

/F           Force command to run without prompting.

/S           Suppress copyright message.

/?           Display command help.

REMOVEALL:

ICLDB REMOVEALL [/L] [/F] [/S] [/?]

Removes all records from the Session Recording Database and returns the database

back to its original state. This command however, does not remove physical

session recording files from disk. On large databases this command may

take some time to complete.

Use this command with caution as removal of database records can only be

reversed by restoring from backup.

/L           Log results and errors to the Windows event logs.

/F           Force command to run without prompting.

/S           Suppress copyright message.

/?           Display command help.

VERSION:

ICLDB VERSION [/L] [/F] [/S] [/?]

Display the Session Recording Database schema version in the format

<major>.<minor>.<build>.<patch>.

/L           Log results and errors to the Windows event logs.

/F           Force command to run without prompting.

/S           Suppress copyright message.

/?           Display command help.

Let's discuss a strategic IT partnership today!