A goal of Citrix is to deliver new features and product updates to Citrix Analytics customers when they are available. New releases provide more value, so there’s no reason to delay updates.
To you, the customer, this process is transparent. Initial updates are applied to Citrix internal sites only, and are then applied to customer environments gradually. Delivering updates incrementally in waves helps to ensure product quality and to maximize availability.
January 04, 2019
Addition of SOURCE column for existing risk indicators
The SOURCE column has been introduced in the EVENT DETAILS section of the following risk indicators triggered by the Content Collaboration data source.
Excessive file downloads
Excessive file sharing
Excessive file or folder deletion
For more information, see Citrix Content Collaboration risk indicators.
Advanced user profile management
The User Info view on the user profile has been enhanced. The Trend View link has been introduced at the top right corner of the Application, Devices, and Data Usage sections. The Map View link has been introduced at the top right corner of the Locations section. These links provide a graphical representation about the user’s historical behavior during a specific time period. You can navigate to User Info from the user’s risk timeline or from the Data Sources page.
Note: Currently, the Authentication and Domains data is not available on the User Info profile.
For more information, see Users dashboard.
Microsoft Security Graph risk indicators
The Microsoft Security Graph data source receives risk indicator information from the Azure AD Identity Protection or Windows Defender Advanced Threat Protection security providers, and sends it to Citrix Analytics.
For more information, see Microsoft Security Graph risk indicators.
Ways to enter the self-service search page
You can now access the self-service search page using the following options:
Top bar: Click Search on the top bar to directly access the search page.
Risk timeline on user profile page: Click Event Search to access the search page and view the events corresponding to a specific user’s risk indicator and the data source. For more information, see About self-service search.
Self-service search for Content Collaboration
Use self-service search to get insight into the events associated with the Content Collaboration data source. To view the events, select Content Collaboration from the list, select the time period, and then click Search. For more information, see Self-service search for Content Collaboration.
Self-service search for Virtual Apps and Desktops
Use self-service search to get insight into the events associated with the Virtual Apps and Desktops data source. To view the events, select Apps and Desktops from the list, select the time period, and then click Search. For more information, see Self-service search for Virtual Apps and Desktops.
Export self-service search events to CSV file
You can now export the self-service search events to a CSV file and download the file for future use. For more information, see Self-service search.
Improved onboarding for Virtual Apps and Desktops
The onboarding process for Virtual Apps and Desktop data source is now improved to provide a better user experience. The site cards and the on boarding steps have been modified. For more information, see Citrix Virtual Apps and Desktops data source.
November 29, 2018
Microsoft Security Graph data source
Microsoft Security Graph is an external data source that aggregates data from multiple security providers. It also provides access to the user inventory data.
Citrix Analytics currently supports the Azure AD identity protection and Windows Defender ATP security providers associated with this data source.
To onboard this data source, you must obtain permissions from the Microsoft identity platform. For more information, see Microsoft Security Graph.
View event details and discovered users on the site cards for data sources
The site cards for the data sources now display event details and the number of users. For example, you can view the event details and the users for Access Control on the site card. For more information, see Enable Analytics on data sources.
November 16, 2018
Self-service search for access data
You can use self-service search to get insight into the access details for the users in your enterprise. Citrix Analytics collects the users’ access details from the Citrix Access Control service. Use the facets and the search query to narrow down your search results.
To use the self-service search page, from the Security tab, click Event Search .
For more information, see Self-service search for Access.
Risk indicator feedback
Using the risk indicator feedback feature on Citrix Analytics, you can provide feedback regarding a risk indicator. Your feedback helps to confirm if the security incident reported is accurate or not.
Currently, this feature is supported on the Unusual logon access risk indicator triggered by the Content Collaboration data source. If this risk indicator triggered is incorrect, you can report it as a false positive and provide feedback. You can also edit a feedback that you have previously submitted. Citrix Analytics captures your feedback and validates the predicted information to optimize anomalous behavior detection.
For more information, see Risk indicator feedback.
You cannot edit and save a rule if you are accessing Citrix Analytics using Internet Explorer 11.0.
If you are accessing Citrix Analytics using Internet Explorer version 11.0, the Citrix Cloud navigation bar fails to load and restricts you from accessing the hamburger menu.
October 10, 2018
Architecture and platform enhancements
Multiple architectural and platform improvements were done in this release to enhance performance, scale, monitoring, supportability, security, and user experience.
August 23, 2018
New product names
The Citrix products supported by Citrix Analytics are now renamed as part of the Citrix unified product portfolio.
You might notice new names in our products and product documentation. This is a result of the expansion of the Citrix portfolio and cloud strategy. For more details about the Citrix unified portfolio, see Citrix product guide. Implementing this transition in our products and their documentation is an ongoing process.
In-product content and documentation might still contain former names. For example, you might see instances of earlier names in console text, messages, directory/file names, screenshots, and diagrams.
It is possible that some items (such as commands) might continue to retain their former names to prevent breaking existing customer scripts.
Related product documentation and other resources (such as videos and blog posts) that are linked from this product’s documentation might still contain former names.