Citrix DaaS

Configuration logging

Note:

Configuration log records appear only in English, regardless of which language you select for your Citrix Cloud account. Dates and times associated with those records are in MM/DD/YY format, expressed in Coordinated Universal Time (UTC).

Configuration logging is a feature that captures Citrix Virtual Apps and Desktops and Citrix DaaS (formerly Citrix Virtual Apps and Desktops service) deployment configuration changes and administrative activities to a logging database in Citrix Cloud. You can use the logged content to:

  • Diagnose and troubleshoot problems after configuration changes are made. The log provides a breadcrumb trail.
  • Assist change management and track configurations.
  • Report administrative activities.

In this Citrix DaaS, configuration logging is always enabled. You cannot disable it.

From the Full Configuration management interface, you can view configuration log content, filtered by date ranges or by full text search. You can also generate a CSV report using PowerShell. From this console, you cannot edit or delete log content. You can use the Remote PowerShell SDK to schedule periodic data deletion from the log.

Reduction in retention period for Config logging in Citrix DaaS

Starting September 9th, 2024 we are reducing the retention period for config logging to 180 days.

Logs older than 180 days will be deleted post-September 9th, 2024. As we keep growing our limits for a single DaaS setup, the reduction in retention period for Config logging is required, to provide the best performance and resilience to our customers. For more information, see Limits.

As a best practice, we advise you to have a quarterly export mechanism setup by using PowerShell to generate the reports in HTML or CSV formats. For more information, see Generate reports.

Citrix also recommends you to schedule a periodic data deletion activity to maintain good hygiene of the system. For more information, see Schedule periodic data deletion.

Permissions required (see Delegated administration):

  • Full Administrators in Citrix Cloud, plus Citrix DaaS Cloud Administrators and Read Only Administrators can view configuration logs in the Manage console.
  • Full Administrators and Cloud Administrators can also download a CSV report of logging activity, using PowerShell.

What is logged

The following operations are logged:

  • Configuration changes and administrative activities initiated from the Manage and Monitor tabs
  • PowerShell scripts
  • REST API requests

Note:

You cannot see log entries for Citrix Cloud platform internal operations, such as database setup and management.

Examples of logged configuration changes include working with (creating, editing, deleting, assigning):

  • Machine catalogs
  • Delivery groups (including changing power management settings)
  • Administrator roles and scopes
  • Host resources and connections
  • Citrix policies through the Manage console

Examples of logged administrative changes include:

  • Power management of a virtual machine or a user desktop
  • Manage or monitor functions sending a message to a user

The following operations are not logged. (Many of them are not available to customer administrators.)

  • Automatic operations such as pool management power-on of virtual machines.
  • Policy actions implemented through the Group Policy Management Console (GPMC). Use Microsoft tools to view logs of those actions.
  • Changes made through the registry or from sources other than the Full Configuration management interface, Monitor, or PowerShell.

View configuration log content

To view configuration log content, follow these steps:

  1. Sign in to Citrix Cloud. Select My Services > DaaS in the upper left menu.
  2. From Manage > Full Configuration, select Logging > Events in the left pane.

By default, the display in the center pane lists the log content chronologically (newest entries first), separated by date. You can:

  • Sort the display by column header.
  • Filter the display by specifying a day interval or a custom time period, or by entering text in the Search box. To return to the standard display after using search, clear the text in the Search box.

Display characteristics:

  • High-level operations created during management and monitoring are listed in the upper middle pane. A high-level operation results in one or more services and PowerShell SDK calls, which are low-level operations. When you select a high-level operation in the upper middle pane, the lower pane displays the low-level operations.
  • If you create a low-level operation in PowerShell without specifying a parent high-level operation, configuration logging creates a surrogate high-level operation.
  • If an operation fails before completion, the log operation might not be completed in the database. For example, a start record has no corresponding stop record. In such cases, the log indicates that there is missing information. When you display logs based on time ranges, incomplete logs are shown if the data in the logs matches the criteria. For example, if you request logs for the last five days, and a log with a start time in the last five days has no end time, it is included.
  • Remember: You cannot see log entries for Citrix Cloud platform internal operations, such as database setup and management.

To view tasks related to machine catalog operations, navigate to Manage > Full Configuration > Logging > Tasks. The Tasks tab displays only tasks related to catalogs created through Machine Creation Services (MCS) or Provisioning Services (PVS). Specifically, tasks associated with the following machine catalog operations appear:

  • Create catalogs
  • Clone catalogs
  • Add machines
  • Remove machines
  • Update a catalog (update images or machines)
  • Roll back machine updates

Tip:

The Tasks tab displays only tasks related to provisioning scheme changes (creating or modifying a provisioning scheme).

A task can be in the following state:

  • Completed
  • Not started
  • Running
  • Canceled
  • Failed
  • Unknown

To cancel a running task, select the task and then click Cancel. The cancelation takes some time to complete.

Examples of logged tasks include:

  • Image update completed for a certain catalog
  • Error while updating the image for a certain catalog
  • Canceled image update for a certain catalog
  • Provisioning VMs to a certain catalog
  • Removing VMs from a certain catalog
  • Created a certain catalog

By default, the display in the center pane lists logged tasks chronologically (newest entries first), separated by date. You can sort the display by column header. To clear completed tasks, click Clear Completed Tasks under the Tasks tab.

View API logs

To view REST API logs, navigate to Manage > Full Configuration > Logging > APIs. The APIs tab displays REST API requests made during a certain time period.

Be aware of the following considerations:

  • REST API logs are cleared after you sign out of the console. (They are also cleared if you refresh your browser window.)
  • Any operations in the console that result in API calls have their corresponding API requests displayed on the APIs tab.
  • The display lists the API requests chronologically (newest entries first), separated by date. The maximum number of API requests in the display is 1,000.

View PowerShell logs

To view PowerShell commands corresponding to UI actions you’ve taken during the day, navigate to the Manage > Full Configuration > Logging > PowerShell tab.

Associate metadata with configuration logs

You can attach metadata to configuration logs by associating a name-value pair called MetadataMap with the log records.

Note:

  • You can only attach metadata to high-level operation objects.
  • Metadata is associated with the existing records at the time of execution.

Set the metadata

Run the PowerShell command Set-LogHighLevelOperationMetadata to associate a log record with the MetadataMap. Set-LogHighLevelOperationMetadata takes the following parameters:

  • Id:ID of the high-level operation.
  • InputObject:The high-level operations to which you add the metadata. This is an alternative to the Id parameter where a high-level operation object or list of objects is passed to the PowerShell command.
  • Name:Property name of the metadata to be added. The property must be unique for the high-level operation specified. The property cannot contain any of the following characters: ()\/;:#.*?=<>|[]"'
  • Value:Value for the property.
  • Map:Dictionary of (name, value) pairs for the properties. This is an alternative to setting the metadata using the -Name and -Value parameters.

For example, to attach the metadata to all the high-level log records with Id 40, run the following PowerShell command:

Get-LogHighLevelOperation – Id 40 | Set-LogHighLevelOperationMetadata -Name A -Value B

To attach the metadata to the high-level record with the user abc@example.com, run the following PowerShell command:

Get-LogHighLevelOperation – User `abc@example.com` | Set-LogHighLevelOperationMetadata -Name C -Value D

Retrieve using the metadata

Run the following PowerShell commands to use the associated metadata to retrieve the log records:

  • Search by key and value:

    Get-LogHighLevelOperation -Metadata "Key:Value"

  • Search by value and any key:

    Get-LogHighLevelOperation -Metadata "*:Value"

  • Search by key and any value:

    Get-LogHighLevelOperation -Metadata "Key:*"

Remove the metadata

Run the PowerShell command Remove-LogHighLevelOperationMetadata to remove the associated metadata. Remove-LogHighLevelOperationMetadata takes the following parameters:

  • Id:ID of the high-level operation.
  • InputObject:The high-level operations to which you add the metadata. This is an alternative to the Id` parameter where a high-level operation object or list of objects is passed to the PowerShell command.
  • Name:Property name of the metadata to be removed. Set to $null to remove all the metadata for the specified object.
  • Map:Dictionary of (name, value)-pairs for the properties. This can be either a hashtable (created with @{“name1” = “val1”; “name2” = “val2”}) or a string dictionary (created with new-object “System.Collections.Generic.Dictionary[String, String]”). The properties whose names match the keys in the map are removed.

Generate reports

To generate a CSV or HTML report containing configuration log data, use PowerShell cmdlets for the ConfigLogging Service in the Citrix Virtual Apps and Desktops Remote PowerShell SDK. For details, see:

Schedule periodic data deletion

Use the Remote PowerShell SDK to specify how long data is retained in the configuration logging database. (This feature is not available in the Full Configuration management interface.) In Citrix DaaS, you must have Full access.

In the Set-LogSite cmdlet, the -LoggingDBPurgeDurationDays parameter specifies how many days data is retained in the configuration logging database before it’s deleted automatically.

  • By default, the value of this parameter is 0. A zero value means that data in the configuration logging database is never deleted automatically.
  • When you set a non-zero value, the database is checked once every 120 minutes. Data older than the retention period is deleted.

Use Get-LogSite to view the current value of the parameter.

Differences from on-premises Citrix Virtual Apps and Desktops

If you’re familiar with configuration logging in the on-premises Virtual Apps and Desktops product, the Citrix Cloud version has several differences. In Citrix Cloud:

  • Configuration logging is always enabled. You cannot disable it. Mandatory logging is not available.
  • You cannot change the location of the configuration logging database, because the database is managed in the Citrix Cloud platform.
  • Configuration log displays do not include operations and activities that are performed within the Citrix Cloud platform.
  • PowerShell is your only choice to create a CSV or HTML report of logged operations. In the on-premises product, reports can be generated from Citrix Studio or PowerShell.
  • You cannot delete configuration log content.