Session Recording web player
The web player lets you use a web browser to view and play back recordings. Using the web player, you can:
Search for recordings by using filters, including host name, client name, user name, application, client IP address, event text, event type, and time.
View and play back both live and completed recordings with tagged events listed in the right pane.
configure cache memory for storing recordings while playing.
Record idle events and highlight idle periods.
Leave comments about a recording and set comment severities.
Share URLs of recordings.
Supported browsers include Internet Explorer, Google Chrome, and Firefox.
Enable the web player
The web player is enabled by default.
To disable the web player, start a Windows command prompt and run the
<Session Recording Server installation path>\Bin\TestPolicyAdmin.exe –disablewebplayercommand.
To enable the web player, start a Windows command prompt and run the
<Session Recording Server installation path>\Bin\TestPolicyAdmin.exe -enablewebplayercommand.
Logon and password
The URL of the web player website is
http(s)://<FQDN of Session Recording Server>/WebPlayer. To ensure the use of HTTPS, add an SSL binding to the website on IIS and update the
SsRecWebSocketServer.config configuration file. For more information, see the HTTPS configuration section in this article.
When logging on to the web player website, domain users do not need to enter credentials while non-domain users must.
After you log on to the web player website, all recordings appear, listed. Clicking All Recordings in the left navigation refreshes the page and displays new recordings if there are any.
As with the other Session Recording components, you can use the Citrix Virtual Apps and Desktops installer to install the web player.
During installation, selecting Session Recording Administration on the Core Components page installs the web player on the same machine with the Session Recording Server. For more information about installing Session Recording, see Install, upgrade, and uninstall.
With the web player installed, the SessionRecordingRestApiService and the WebPlayer applications appear on IIS.
To use HTTPS to access the web player website:
Add an SSL binding on IIS.
Obtain an SSL certificate in PEM format from a trusted Certificate Authority (CA).
Most popular browsers such as Google Chrome and Firefox no longer support the common name in a Certificate Signing Request (CSR). They enforce Subject Alternative Name (SAN) in all publicly trusted certificates. To use the web player over HTTPS, take the following actions accordingly:
When a single Session Recording Server is in use, update the certificate of the Session Recording Server to a SAN certificate.
When load balancing is in use, ensure that a SAN certificate is available both on Citrix ADC and each Session Recording Server.
On IIS, right-click the website and select Add Bindings. The Site Bindings dialog box appears.
Click Add in the upper right corner. The Add Site Binding dialog box appears.
Select https from the Type list and select your SSL certificate.
Locate and open the
SsRecWebSocketServer.configconfiguration file is typically located in the
<Session Recording Server installation path>\Bin\folder.
Enable TLS by editing TLSEnable=1, and fill in the paths to the SSL certificate and its key, respectively.
Only the PEM format of SSL certificates and key files is supported.
The ServerPort field indicates the port number that the web player uses to collect recording files. In the following screen capture, it is set to the default value (22334).
To extract the separate certificate and key files used in the WebSocket server configuration:
Ensure that OpenSSL is installed on your Session Recording Server that contains the SSL certificate.
Export the SSL certificate as a .pfx file. The .pfx file includes both the certificate and the private key.
Open the command prompt and go to the folder that contains the .pfx file.
Start OpenSSL from the OpenSSL\bin folder.
Run the following command to extract the certificate:
openssl pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [aSRS2.pem]
Enter the import password that you created when exporting the .pfx file.
Run the following command to extract the private key:
openssl pkcs12 -in [yourfile.pfx] -nocerts -out [newaSRS2keyWithPassword.pem]
Enter the import password that you created when exporting the .pfx file. Provide a new password for protecting your key file when prompted for the PEM pass phrase.
Run the following command to decrypt the private key:
openssl rsa -in [newaSRS2keyWithPassword.pem] -out [newaSRS2key.pem]
Save your changes.
Check your firewall settings. Allow SsRecWebSocketServer.exe to use the TCP port (22334 by default) and allow access to the web player URL.
After you log on to the web player, all available recordings are listed. You can scroll down the webpage to select recordings to view or use filters to customize your search results. For live recordings, the Duration item shows Live and the play button appears green.
For a description of the recording items, see the following table.
|Start time||The recording start time. Click the up and down arrows to list recordings in chronological order.|
|User||The user whose session was recorded. Click the up and down arrows to concentrate recordings of a user on the list and arrange users in alphabetical order.|
|Host||The host name of the VDA where the recorded session was hosted. Click the up and down arrows to arrange the VDA host names in alphabetical order.|
|Client||The name of the client device where the session was running. Click the up and down arrows to arrange the client host names in alphabetical order.|
|Events||The quantity of events in the recording. Click the up and down arrows to arrange recordings on the list by event quantity.|
|Duration||The time length of the recording. Click the up and down arrows to arrange recordings on the list by time length.|
Search for recordings by using filters
You can search for recordings by using filters. The available filters include host name, client name, user name, application, client IP address, event text, event type, and time.
For example, after you select the host name filter, the following dialog box appears. Type in the host name (of the VDA where recorded sessions are hosted) and click Search to filter out irrelevant recordings and display only the relevant ones.
You can change to a different filter by clicking the currently selected Host name, as shown in the following screen capture. All filters are listed after you click Host name. Select a different filter as needed.
You can also click the + symbol to add filters.
For example, you can add the Time filter as shown in the following screen.
The Time filter consists of recording start date, start time, and duration.
Open and play recordings
On the recordings page, each recording has a play button on the right side, next to the Duration item.
Click the play button. The playback page appears. Playback starts after memory caching.
For a description of the player controls, see the following table:
|Plays the selected recording file.|
|You can drag the progress bar during playback. Idle periods of recorded sessions are highlighted during playback.|
|Seeks backward 7 seconds.|
|Indicates the current position of the recording playback and the total recording duration. The time format is HH:MM:SS.|
|Lets you click and leave a comment about the recording being played.|
|Lets you click and copy the URL of the current recording to the clipboard.|
|Indicates the current speed of playback. Click the icon to switch between options including X0.5, X1, X2, and X4.|
|Displays the playback in full screen.|
|Displays the playback within the webpage.|
In the right pane of the playback page, the following recording data, event filters, and the quick search box are available:
- The date and time on the web player machine. In this example, February 21, 2020 and 18:32:24.
- The duration of the recording in playback. In this example, 00:09:12.
- The number of events in the recording. In this example, 9 EVENTS.
- The name of the user whose session was recorded.
- The host name of the VDA where the recorded session was hosted.
- The name of the client device where the session was running.
- Options for sorting search results: Select Sort by All Categories, Sort by Events, or Sort by Comments to sort search results.
Event filters. You can select more than one filter to search for events in the current recording.
Click the icon to expand folded displays of events.
- Event list. Clicking an event on the list takes you to the position of the event in the recording.
- Quick search box. The search events quick search box helps to quickly narrow down a list of events in the current recording.
Configure cache memory for storing recordings while playing
On the Configuration page of the web player, click the slider to set up the cache memory for storing recordings while playing.
Record idle events and highlight idle periods
Session Recording can record idle events and highlight idle periods in the Session Recording web player. Idle events are not visible in the Session Recording Player because idle events are saved in the Session Recording Database but not in the relevant recording files (
To customize the idle event feature, set the following registry keys as required. The registry keys are located at HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\SmartAuditor\SessionEvents.
|Registry key||Default value||Description|
|DisableIdleEvent||0||To disable the idle event feature, set the value to 1.To enable the idle event feature, set the value to 0.|
|IdleEventThrottle||120 seconds||If there is no user activity (including graphics changes and keyboard/mouse inputs) longer than the time threshold set by the registry key, an idle event is recorded. The idle period is highlighted when the recorded session plays back on the Session Recording web player.|
|IdleEventActiveThrottle||30 seconds||Only a certain number of graphics changes within a specified amount of time qualify as user activities. By default, at least three packets within 30 seconds can qualify as user activities.|
|IdleEventActivePktNumThrottle||3 packets||Only a certain number of graphics changes within a specified amount of time qualify as user activities. By default, at least three packets within 30 seconds can qualify as user activities.|
|IdleEventActivePktSizeThrottle||100 bytes||Graphics packets smaller than the key value are ignored and the relevant time duration is regarded as idle.|
Comment on recordings
When a recorded session is being played, you can click the Comments player control to leave comments and set comment severities. Comments of different severities are displayed in different colors in the right event list panel. Severities include Normal, Medium, and Severe. During session playback, you can view all comments about a recording and delete comments from the event list. Refresh the webpage before being able to delete a comment you just left.
Clicking a comment in the event list lets you jump to the location where the comment was given. Clicking the comment icon in the upper left corner redirects you to the My comments page where all your comments are presented.
To make the comment feature work as expected, clear the WebDAV Publishing check box in the Add Roles and Features wizard of Server Manager on the Session Recording Server.
Share URLs of recordings
Clicking Share Current Playback on the playback page of a recording copies the recording URL to the clipboard. You can share the URL with other users for them to access the recording directly without the need to search in all recordings.
After you click Share Current Playback, either of the following messages appears, indicating a successful or failed operation respectively:
The URL to the shared recording has been copied to the clipboard
Sharing the recording URL failed
Pasting the shared URL in the address bar lets you jump to the location where the URL was copied.
For secure sharing, set the following registry values under
|Registry value||Description||Default value||Remarks|
|LinkExpire||Time span beyond which a shared URL expires. Counted as timeticks in the unit of 10 microseconds.||1,728,000,000,000 (The default value equals 2 days.)||-|
|LinkSalt||A security method to protect the preceding URL expiration time||Kk2od974||Change the default value to an arbitrary string that preferably ends with digits.|
Administrator Logging integrated with the web player
The web player integrates the Administrator Logging webpage. An administrator assigned to both the LoggingReader and the Player roles can view the administrator activity logs in the web player.
The language set for the web player browser must match the language you selected when you installed the Session Recording Administration components.
Recording reason logging:
Ensure that your SessionRecordingLoggingWebApplication site on IIS and the web player have the same SSL settings. Otherwise, 403 errors occur when you request to access the administrator activity logs.