Citrix Hypervisor

Data Governance

This article provides information regarding the collection, storage, and retention of logs by Citrix Hypervisor.

Citrix Hypervisor is a server virtualization platform that enables the customer to create and manage a deployment of virtual machines. Citrix Hypervisor Center is the management UI for Citrix Hypervisor. Citrix Hypervisor and Citrix Hypervisor Center can collect and store customer data as part of providing the following capabilities:

  • Server status reports - A server status report can also be generated on-demand and provided to Citrix Support. The server status report contains information that can aid in diagnosing issues in the customer’s environment.

  • Automatic updates for the Management Agent - The Management Agent runs within VMs hosted on a Citrix Hypervisor server or pool. If the server or pool is licensed, the Management Agent can check for and apply updates to itself and to the I/O drivers in the VM. As part of checking for updates, the automatic update feature makes a web request to Citrix that can identify the VM where the Management Agent runs.

  • Citrix Hypervisor Center email alerts Citrix Hypervisor Center can be configured to send email notifications when alert thresholds are exceeded. To send these email alerts, Citrix Hypervisor Center collects and stores the target email address.

The Hypervisor Management service enables you to manage continuous updates to your on-premises Citrix Hypervisor pools and servers. The Hypervisor Management service can collect and store customer data as part of providing the following capabilities:

  • Registering your Citrix Hypervisor pools and servers with the Hypervisor Management service
  • Updating the Citrix Hypervisor packages on your pool

This data includes both customer content and logs.

  • Customer Content: Customer Content means any data uploaded to the customer’s account for storage or data in the customer’s computing environment to which Citrix is provided access in order to perform the Services.

    For the Hypervisor Management service, this customer content includes information about the customer’s on-premises Citrix Hypervisor deployment.

  • Logs: Logs include records of Services, including, but not limited to:

    • Data and information on performance, stability, usage, security, support
    • Technical information about devices, systems, related software, services or peripherals associated with Customer’s use of Services

    For the Hypervisor Management service, these logs include information about pool events, pool updates, and service performance.

Data residency

Citrix Hypervisor diagnostic logs are on the server where you installed Citrix Hypervisor.

Server status reports that are provided to Citrix Support are stored in Amazon S3 environments located in the United States.

The web logs captured from the requests made by the Management Agent automatic updates feature are located in a Microsoft Azure Cloud environment located in the United States. These logs are then copied to a log management server in the United Kingdom.

The email address that Citrix Hypervisor Center uses to send email alerts is stored on the machine where you installed Citrix Hypervisor Center.

Customer content collected by the Hypervisor Management service is stored in the Azure Cloud Cosmos database service. In accordance with the Azure Cloud Cosmos database policy, this customer content can be globally replicated to these Azure Cloud regions: UK, US, Australia. For more information, see https://docs.microsoft.com/en-us/azure/cosmos-db/policy.

Program logs collected by the Hypervisor Management service are stored in Splunk instances in US and EU regions. These logs can include identifiable customer information.

Performance and quality of service logs about the Hypervisor Management service is stored in New Relic. This information can include customer metadata.

Data collection

Citrix Hypervisor and Citrix Hypervisor Center collect information from the following data sources:

  • Citrix Hypervisor Center
  • Your Citrix Hypervisor servers and pools
  • Your Hosted VMs

The Hypervisor Management service collects information from the following sources:

  • Your Citrix Cloud account
  • Your Citrix Hypervisor servers and pools

Data transmission

The web requests made by the Management Agent automatic updates feature are made over HTTPS. Web log files are transmitted securely to the log management server.

The Hypervisor Management service transmits customer content and logs securely within the Citrix Cloud platform and to the following third-party databases: Azure Cloud Cosmos, Splunk, New Relic.

Data control

You can select whether your VM uses the Management Agent automatic update feature. If you choose to use the Management Agent automatic update feature, you can also choose whether the web request includes the VM identifying information.

You can delete email alerts configured in Citrix Hypervisor Center to remove the stored email information.

Citrix Hypervisor pools and servers must be registered with the Hypervisor Management service by using your Citrix Cloud account to opt in to your pool data (customer content) being stored and your event data and pool update data being logged. You can delete your Citrix Hypervisor pools and servers from the Hypervisor Management service at any time, which deletes the Citrix Hypervisor pool data.

The customer cannot configure the contents of the pool data, event data, or pool update data that is logged by the Hypervisor Management service.

Data retention

Web logs containing information from web requests made by the Management Agent automatic updates feature can be retained indefinitely.

Citrix Hypervisor Center retains the email information used to provide email alerts for the lifetime of the email notification. When you delete the configured email alert, the data is removed.

Cloud data

Customer content: Pool data that is stored when you register a Citrix Hypervisor pool with the Hypervisor Management service is deleted when that pool is removed from the Hypervisor Management service.

Logs: The logs that are stored in Splunk are retained for 365 days. For the first 90 days, the logs are stored as a searchable index. For the remaining 275 days, the logs are stored in an archive.

Data collection agreement

At all times, any information received by Citrix is treated in accordance with the Citrix Privacy Policy.

Appendix: data collected

The following information is collected in your on-premises environment:

The following information is collected to allow the Hypervisor Management service to perform its functions:

The following information is collected in logs for the Hypervisor Management service:

This log data contains information that is specific to the customer’s on-premises Citrix Hypervisor deployment, but does not contain customer content or PII.

Server status report

A server status report can contain the following log files:

Log type Contains PII?
xapi-debug maybe
xen-info maybe
conntest no
xha-liveset maybe
high-availability maybe
firstboot yes
xenserver-databases yes
multipath maybe
disk-info maybe
xenserver-logs maybe
xenserver-install maybe
process-list yes
blobs no
xapi yes
host-crashdump-logs maybe
xapi-subprocess no
pam no
control-slice maybe
tapdisk-logs no
kernel-info maybe
xenserver-config maybe
xenserver-domains no
device-model yes
hardware-info maybe
xenopsd maybe
loopback-devices maybe
system-services no
system-logs maybe
network-status yes
v6d maybe
CVSM no
message-switch maybe
VM-snapshot-schedule no
xcp-rrdd-plugins maybe
yum if customized
fcoe yes
xapi-clusterd maybe
network-config if customized
boot-loader no

Management Agent automatic updates web log

The Management Agent automatic updates web requests can contain the following data points:

  • IP address of the VM where the Management Agent is installed
  • A VM UUID

Citrix Hypervisor Center email alerts

To provide email alerts Citrix Hypervisor Center stores the following data points:

  • Email address
  • SMTP server

Citrix Hypervisor pool data

The Citrix Hypervisor pool data stored by the Hypervisor Management service contains the following data points:

Data Notes
Pool IP address or host name  
Pool Name  
Pool Cloud UUID/ID A unique identifier generated by the service
CustomerId Citrix Cloud Customer UUID
Pool Repository  
Host OpaqueRef  
hostName  
targetHostsNum (Pool total host number)  
abnormalHostsNum (Pool host update apply failed number)  

Events data

The Hypervisor Management service gathers information about events, which contains the following data points:

Event Data points
Pool name_label, uuid, master, repositories, ha_enabled, ha_configuration
Host name_label, uuid, address, enabled, pending-guidances
VM name_label, uuid, power_state, resident_on, is_control_domain, pending-guidances
Repository name_label, binary_url, source_url, hash, up_to_date
Task error_info, progress, result, status, uuid

Pool update data

The Hypervisor Management service stores information about pool update events, which can contain the following data points:

Data points Description
customerId Citrix Cloud Customer ID
poolId A unique identifier generated by the service
checksum The checksum of the update that is applied to the pool
updates A collection of information about the update that is applied to the pool
hosts A collection of information about the hosts in the pool, including information about the VMs on the host
haEnabled Is HA enabled on the pool
haConfiguration Information about the HA configuration of the pool
hostRefs A list of opaque references for the hosts in the pool
master The opaque reference for the coordinating server in the pool
Data Governance