Citrix Virtual Apps and Desktops data source

The Virtual Apps and Desktops data source represents the Citrix Virtual Apps and Desktops deployments in your organization. Citrix Virtual Apps and Desktops is available in two offerings: service and on-premises. Citrix Analytics supports both offerings and receives user events from the data source. This article walks you through the prerequisites and the procedures to enable Analytics on both the offerings- service and on-premises.

Enable Analytics on Virtual Apps and Desktops service

Prerequisites

• Subscribe to the Citrix Virtual Apps and Desktops service offered on Citrix Cloud. Citrix Virtual Apps and Desktops Essentials is not supported on Citrix Analytics. To learn how to get started with the Citrix Virtual Apps and Desktops service, see Install and configure.

• Review the System Requirements section and ensure that you met the requirements.

• Supported clients. Citrix Analytics receives user events when a supported client version is used on the user endpoints. If users are using any unsupported client versions, they must upgrade their clients to one of the following versions:

  • Citrix Workspace app for Windows 1907 or later

  • Citrix Workspace app for Mac 1910.2 or later

  • Citrix Workspace app for HTML5 2007 or later

  • Citrix Workspace app for Chrome- Latest version available in Chrome Web Store

  • Citrix Workspace app for Android- Latest version available in Google Play

  • Citrix Workspace app for iOS- Latest version available in Apple App Store

  • Citrix Workspace app for Linux 2006 or later

View the data source and turn on data processing

Citrix Analytics automatically discovers the Virtual Apps and Desktops service (data source) associated with your Citrix Cloud account.

To view the data source:

From the top bar, click Settings > Data Sources > Security.

A site card appears on the Data Sources page. Click Turn On Data Processing to allow Citrix Analytics to begin processing data for this data source.

View cloud site, users, and received events

The site card displays the number of Virtual Apps and Desktops users, the discovered cloud site, and the received events for the last one hour, which is the default time selection. You can also select 1 week (1 W) and view the data.

The site card displays the following information about the users:

• Received events from users: These users are using the Citrix Workspace app or Citrix Receiver client versions supported by Analytics. Click the user count to view them on the Users page. Analytics receives user events from the endpoints with supported clients and provides insight into their behavior. These users are added in the Discovered Users list.

• Unable to receive events from users: These users are using the Citrix Workspace app or Citrix Receiver client versions not supported by Analytics. Therefore, Analytics does not receive any events from these endpoints and users are not added in the Discovered Users list. Analytics fails to provide insight into their behavior. Click the user count to download a CSV file. The file list the user names along with the client versions installed on their endpoints.

Recommendation: To get the full benefit of Citrix Analytics for Security in your organization, the users with unsupported clients must upgrade their clients to a supported version. For a complete list of Citrix Workspace app or Citrix Receiver client versions supported by Analytics, see the prerequisites.

Click the number of received events to view the events on the self-service search page.

After you have enabled data processing, the site card might display the No data received status. This status appears for two reasons:

1. If you have turned on data processing for the first time, the events take some time to reach the event hub in Citrix Analytics. When Citrix Analytics receives the events, the status changes to Data processing on. If the status does not change after some time, refresh the Data Sources page.

2. Analytics has not received any events from the data source in the last one hour.

   

Turn on or off data processing

To stop data processing, click the vertical ellipsis (⋮) on the site card and then click Turn off data processing. Citrix Analytics stops processing data for this data source.

To enable data processing again, click Turn On Data Processing.

Enable Analytics on Virtual Apps and Desktops on-premises

Citrix Analytics receives user events from on-premises Sites added to Workspace and Sites accessed through StoreFront deployments.

If your organization is using on-premises Sites, you must use one of the following methods to onboard your Sites so that Analytics discovers the Sites:

• Onboard your Sites using Workspace

• Onboard your Sites using StoreFront

Prerequisites

• You must have a license to use the Citrix Virtual Apps and Desktops on-premises solution. To learn how to get started with Virtual Apps and Desktops on-premises, see Install and configure.

• Review the System Requirements section and ensure that you met the requirements.

• Your Delivery Controller version must be 7.16 or later

• Your Director version must be 7.16 or later

• Supported clients. Citrix Analytics receives user events when a supported client version is used on the user endpoints. If users are using any unsupported client versions, they must upgrade their clients to one of the following versions:

  • Citrix Workspace app for Windows 1907 or later

  • Citrix Workspace app for Mac 1910.2 or later

  • Citrix Workspace app for HTML5 2007 or later

  • Citrix Workspace app for Chrome- Latest version available in Chrome Web Store

  • Citrix Workspace app for Android- Latest version available in Google Play

  • Citrix Workspace app for iOS- Latest version available in Apple App Store

  • Citrix Workspace app for Linux 2006 or later

• Subscription to Citrix Workspace. If you want to add your Sites to Citrix Workspace, you must require a Workspace subscription. Citrix Workspace is included with new subscriptions of Virtual Apps and Desktops after December 2017, as either a trial or as a purchased service.

  Citrix Virtual Apps and Desktops Essentials is not supported on Citrix Analytics.

  To purchase a Citrix Workspace subscription, visit https://www.citrix.com/products/citrix-workspace/get-started.html and contact a Citrix Workspace expert who can help you.

• Sites added to Workspace. Citrix Analytics automatically discovers the Sites added to Citrix Workspace. Add your Sites to Citrix Workspace before proceeding with onboarding on Citrix Analytics. This process is known as Site aggregation.

  Site aggregation requires you to install Cloud Connector, configure NetScaler Gateway STA servers for internal and external connectivity to Workspace resources, and then add the Sites to Workspace. For detailed instructions on Site aggregation, see Aggregate on-premises virtual apps and desktops in workspaces.

• StoreFront version. If you are using a StoreFront deployment for your Sites, ensure that the StoreFront version is 1906 or later.

• Site credentials for Citrix Analytics. While configuring your Site for the Actions feature of Citrix Analytics, you have to provide the Citrix administrator credentials for your on-premises Site. These credentials must have the following permissions:

  1. Citrix administrator role: Full Administrator

  2. Active Directory: Domain Users

• Server URL for Citrix Director. Using this information, Citrix Analytics accesses the real-time data available to provide in-depth analysis of user behavior in your Site.

• Delivery Controller. During the process of configuring your Site for advanced Citrix Analytics features such as policies and actions, you have to install a policy agent on a Delivery Controller in your on-premises Site. This agent enables your Site to communicate with Citrix Analytics on port 443 (HTTPS).

  Ensure that the Delivery Controller hosting the agent meets the following requirements:

  • Supports PowerShell 3.0 or later.

  • Outbound connections on TCP port 443 (HTTPS) are allowed.

Onboard Virtual Apps and Desktops Sites using Workspace

Sites already added to Citrix Workspace

Citrix Analytics automatically discovers the Sites that are already added to Citrix Workspace and displays them on the data source site card.

To view the data source:

From the top bar, click Settings > Data Sources > Security.

The Virtual Apps and Desktops site card displays the number of Sites added to Workspace and the users connected to these Sites. Click the site count to view the discovered Sites. Click the user count to view the discovered users on the Users page.

The site card displays the following information about the users:

• Received events from users: These users are using the Citrix Workspace app or Citrix Receiver client versions supported by Analytics. Click the user count to view them on the Users page. Analytics receives user events from the endpoints with supported clients and provides insight into their behavior. These users are added in the Discovered Users list.

• Unable to receive events from users: These users are using the Citrix Workspace app or Citrix Receiver client versions not supported by Analytics. Therefore, Analytics does not receive any events from these endpoints and users are not added in the Discovered Users list. Analytics fails to provide insight into their behavior. Click the user count to download a CSV file. The file list the user names along with the client versions installed on their endpoints.

Recommendation: To get the full benefit of Citrix Analytics for Security in your organization, the users with unsupported clients must upgrade their clients to a supported version. For a complete list of Citrix Workspace app or Citrix Receiver client versions supported by Analytics, see the prerequisites.

Sites not added to Citrix Workspace

If you have not already added your on-premises Sites to Workspace, Analytics cannot discover your Sites. The site card displays 0 discovered sites.

To add a Site to Workspace:

1. Click + on the site card.

   

2. On the Workspace Configuration page, click +Add Site.

   

3. Follow the on-screen instructions to add a Site. For more information, see Aggregate on-premises virtual apps and desktops in workspaces.

4. After adding the Site, log back to Citrix Analytics and refresh the Data Sources page to view the recently added Site on the site card.

Turn on data processing and view received events

To allow Analytics to begin processing data for the discovered Sites, click Turn On Data Processing on the Site card and follow the prompts on the screen.

If you have multiple Sites added to the same Workspace, Analytics processes and stores data for all the Sites in the Workspace. You get a success message when Analytics is successfully enabled on all your Sites.

The site card displays the received events for the last one hour, which is the default time selection. You can also select 1 week (1 W) and view the data. Click the number of received events to view the events on the corresponding self-service search page.

After you have enabled data processing, the site card might display the No data received status. This status appears for two reasons:

1. If you have turned on data processing for the first time, the events take some time to reach the event hub in Citrix Analytics. When Citrix Analytics receives the events, the status changes to Data processing on. If the status does not change after some time, refresh the Data Sources page.

2. Analytics has not received any events from the data source in the last one hour.

   

Configure a policy agent on your Site

The Site card displays the Policy configuration incomplete message when a policy agent is not installed on your discovered Site. The policy agent enables you to apply the policies and actions on the user events received from your Site.

Note

The policy agent is required only for configuring policies and has no role in data transmission from your Site. After the Site is onboarded, Citrix Analytics receives data regardless of whether the policy agent is installed or not.

Connectivity requirements:

• If you are using a proxy server in your Citrix environment, ensure the following connectivity requirements are met:

  • The proxy server must use the basic authentication method.

  • The proxy server must forward the HTTPS or HTTP request from the policy agent without any change.

  • The https://manage-disc.citrix.com address must be accessible. You should not get any proxy error while accessing the address.

    Note

    However you might get the page not secure or the connection not private warning message while accessing the address through a web browser. You can proceed with the warning to view the page. The page does not contain any information to display. The policy agent uses this address to connect to the application server on the Citrix environment.

  • The policy agent uses the proxy configuration details defined for the machine on which the policy agent is installed. Ensure the proxy configuration details are the same for the web browser and the machine.

• If the machine on which you are installing a policy agent is behind a firewall, add the following addresses in your firewall exception list. These addresses are required to establish a connection between the policy agent on your machine and the application server on the Citrix environment.

  • https://smart.cloud.com

  • https://rttf.citrix.com

  • https://citrixworkspacesapi.net

  • https://ctxsym.citrix.com

  • https://manage-disc.citrix.com

  • 13.82.89.73

  • 40.87.65.119

  • 52.168.86.226

  • 13.92.86.28

To install and configure a policy agent:

1. Click either Sites or Policy configuration incomplete on the site card to view to the Discovered Sites page to install the policy agent.

   

2. Click the Site that displays the Policy configuration incomplete message.

   

3. Click Continue. The Install and Configure Analytics Policy Agent wizard appears.

   

4. Click Download Agent and save the policy agent package. Install the policy agent on one of the Delivery Controllers in your Site. For high availability and reliability, Citrix recommends that you install multiple policy agents on each Site.

   Note

   Ensure your browser settings are configured to not block pop-up windows, else the policy agent might not download to your system.

   

5. After the installation finishes, click Connect to Installed Agent. The agent registers your Site with Citrix Analytics. This process might take a few minutes.

6. Enter the user name and password for your Site administrator account and then click Next. Citrix Analytics verifies your entries.

   

7. Enter your Site’s Director URL and click Next.

   

8. Review the configuration summary, verify that your Site is available for Citrix Analytics, and the policy agent is online. Click Done to close the wizard.

   

The Citrix Virtual Apps and Desktops Site setup is completed successfully.

Add a Site

If you want to add another on-premises Site to Workspace, you can add it from Analytics:

1. On the Site card, click the number of Sites to view the Discovered Sites page.

   

2. On the Discovered Sites page, click + Add more Virtual Apps and Desktops Sites to Workspace.

   

3. On the Workspace Configuration page, click +Add Site.

   

4. Follow the on-screen instructions to add a Site. For more information, see Aggregate on-premises virtual apps and desktops in workspaces.

5. After adding the Site, go to Citrix Analytics and refresh the Data Sources page to view the recently added Site on the site card.

Onboard Virtual Apps and Desktops Sites using StoreFront

If your organization uses an on-premises StoreFront deployment, you must configure your StoreFront servers to enable Citrix Workspace app to send user events to Analytics. The user events are processed by Analytics to provide actionable insights into user behaviors. For more information on how to configure a StoreFront deployment, see the Citrix Analytics service article in the StoreFront documentation.

If you do not configure your StoreFront server, Analytics does not receive any user events. As a result, you cannot turn on data processing. You see the following message when StoreFront is not configured. For details about how to configure the StoreFront server, see the Connect to a StoreFront deployment section.

Prerequisites

Before you begin, ensure the following:

• Your StoreFront version must be 1906 or later.

• The StoreFront deployment must be able to connect to the following address:

  • https://*.cloud.com

  • https://api.analytics.cloud.com

• The StoreFront deployment must have port 443 open for outbound internet connections. Any proxy servers on the network must allow this communication with Citrix Analytics.

• If the StoreFront deployment is hosted on a webserver that uses a web proxy to connect to the internet, the proxy for each store must be manually configured to allow outbound traffic. StoreFront does not automatically use the proxy setting of the host webserver. For more information, see Configure a StoreFront deployment hosted on a webserver that uses HTTP proxy.

• The StoreFront deployment must be accessed using one of the following clients:

  • Citrix Receiver for Web sites in HTML5-compatible browsers.

    Note

    If you are an HTML5 user, Virtual Apps and Desktops can launch events when certain configurations are enabled on StoreFront. For information about the configuration steps, see the Install article in the Citrix Workspace app for HTML5 documentation. For print-related events, additional policies must be configured on StoreFront. For more information, see the PDF Printing article in the Citrix Workspace app for HTML5 documentation.

  • Citrix Workspace app 1907 for Windows or later.

  • Citrix Workspace app 2006 for Linux or later.

  • Citrix Workspace app 2006 for Mac or later

• If you are using Citrix Virtual Apps and Desktops 7 1912 LTSR, the supported StoreFront version is 1912.

Connect to a StoreFront deployment

1. On the Virtual Apps and Desktops site card, click the vertical ellipsis (⋮) and then select Connect StoreFront deployment.

   

   Note

   The Connect StoreFront deployment option is disabled if you do not have a Site already discovered by Analytics. Add your on-premises Sites to Workspace to enable this option.

2. On the Connect StoreFront Deployment page, review the checklist and select all the mandatory requirements. If you do not select a mandatory requirement, the Download File option is disabled.

   

3. Click Download File to download the StoreFrontConfigurationFile.json file.

   Note

   The file contains sensitive information. Keep the file in a safe and secure location.

   

4. Copy the file to your StoreFront deployment. If you are using multi server deployment, copy the file to a server in the StoreFront server group.

5. On the StoreFront server, open the PowerShell ISE and run the following command to import the configuration settings.

   Import-STFCasConfiguration -Path "configuration file path"

   For example, if the StoreFrontConfigurationFile.json file is on the desktop, specify the command as follows:

   Import-STFCasConfiguration –Path "$Env:UserProfile\Desktop\ StoreFrontConfigurationFile.json"

6. Run the following command to verify the imported configuration settings.

   Get-STFCasConfiguration

7. If you are using multi server deployment, you must propagate the configuration settings to all the servers in the server group. Use either the StoreFront management console or run the following command to propagate the settings.

   Publish-STFServerGroupConfiguration

8. After configuration is successful, go to Citrix Analytics to view the connected StoreFront deployment. Click Turn On Data Processing to allow Citrix Analytics to process the data.

View received events

The site card displays the number of connected StoreFront deployments and the events received from these deployments for the last one hour, which is the default time selection. You can also select 1 week (1 W) and view the data. Click the number of received events to view the events on the self-service search page.

After you have enabled data processing, the site card might display the No data received status. This status appears for two reasons:

1. If you have turned on data processing for the first time, the events take some time to reach the event hub in Citrix Analytics. When Citrix Analytics receives the events, the status changes to Data processing on. If the status does not change after some time, refresh the Data Sources page.

2. Analytics has not received any events from the data source in the last one hour.

   

View connected StoreFront deployments

The StoreFront deployments appear on Virtual Apps and Desktops site card only if the configuration is successful. The site card shows how many StoreFront deployments have established connections with Citrix Analytics.

Click the number of StoreFront deployments on the site card to view the server groups. For example, click 2 StoreFront deployments to view the connected server or server groups. Each StoreFront deployment is represented by a base URL and a ServerGroupID.

Add or remove StoreFront deployments

To add a StoreFront deployment, click Connect to StoreFront Deployments on the Virtual Apps and Desktop page. Download the configuration file and follow the steps to configure a StoreFront deployment.

To stop the event transmission from a configured StoreFront deployment and remove it from Citrix Analytics:

1. Go to the StoreFront deployment that you want to remove from Citrix Analytics. Run the following command to remove the configuration settings from your StoreFront server.

   Remove-STFCasConfiguration

2. If you are using multi server deployment, run the following command to propagate the changes and remove the configuration settings from all the servers in the StoreFront server group.

   Publish-STFServerGroupConfiguration

3. Run the following command to verify that the configuration settings have been successfully removed. The command returns nothing if the settings have been successfully removed.

   Get-STFCasConfiguration

4. Log back to Citrix Analytics and choose the StoreFront deployment on the Virtual Apps and Desktop page. Click the vertical ellipsis (⋮) and select Remove StoreFront deployments from Analytics.

   

   Note

   You must run the specified commands on the StoreFront deployment before removing it from Citrix Analytics. If you fail to run the commands, Citrix Analytics continues to receive the events and the StoreFront deployment is added again at the next event pooling cycle.

Configure a StoreFront deployment hosted on a webserver that uses HTTP proxy

If a StoreFront is hosted on a webserver that uses a web proxy to connect to the internet, the store must be manually configured to register with Citrix Analytics. This configuration requires you to add a <system.net> section to the store web.config file. You must configure every store on the StoreFront deployment that will send events to Citrix Analytics.

There are two methods by which you can add the <system.net> section to the store web.config file:

• Set the store proxy configuration via PowerShell for one or more stores (recommended method).

• Manually add a <system.net> section to the store web.config file.

For more information on these methods, see the Configure StoreFront to use a web proxy to contact Citrix Cloud and register with Citrix Analytics article in the StoreFront documentation.

Turn on or off data processing

To stop data processing, click the vertical ellipsis (⋮) on the site card and then click Turn off data processing. Citrix Analytics stops processing data for this data source.

To enable data processing again, click Turn On Data Processing.