Session Recording web player

Overview

The web player lets you use a web browser to view and play back recordings. Using the web player, you can:

  • Search for recordings by using filters, including host name, client name, user name, application, client IP address, event text, event type, and time.

  • View and play back both live and completed recordings with tagged events listed in the right pane.

  • configure cache memory for storing recordings while playing.

  • Record idle events and highlight idle periods.

  • Leave comments about a recording and set comment severities.

  • Share URLs of recordings.

Note:

Supported browsers include Internet Explorer, Google Chrome, and Firefox.

Enable the web player

The web player is enabled by default.

  • To disable the web player, start a Windows command prompt and run the <Session Recording Server installation path>\Bin\TestPolicyAdmin.exe –disablewebplayer command.

  • To enable the web player, start a Windows command prompt and run the <Session Recording Server installation path>\Bin\TestPolicyAdmin.exe -enablewebplayer command.

Logon and password

The URL of the web player website is http(s)://<FQDN of Session Recording Server>/WebPlayer. To ensure the use of HTTPS, add an SSL binding to the website on IIS and update the SsRecWebSocketServer.config configuration file. For more information, see the HTTPS configuration section in this article.

Note:

When logging on to the web player website, domain users do not need to enter credentials while non-domain users must.

After you log on to the web player website, all recordings appear, listed. Clicking All Recordings in the left navigation refreshes the page and displays new recordings if there are any.

Image of all recordings page

Installation

As with the other Session Recording components, you can use the Citrix Virtual Apps and Desktops installer to install the web player.

During installation, selecting Session Recording Administration on the Core Components page installs the web player on the same machine with the Session Recording Server. For more information about installing Session Recording, see Install, upgrade, and uninstall.

With the web player installed, the SessionRecordingRestApiService and the WebPlayer applications appear on IIS.

Image of applications hosted on IIS

HTTPS configuration

To use HTTPS to access the web player website:

  1. Add an SSL binding on IIS.

    1. Obtain an SSL certificate in PEM format from a trusted Certificate Authority (CA).

      Note:

      Most popular browsers such as Google Chrome and Firefox no longer support the common name in a Certificate Signing Request (CSR). They enforce Subject Alternative Name (SAN) in all publicly trusted certificates. To use the web player over HTTPS, take the following actions accordingly:

      • When a single Session Recording Server is in use, update the certificate of the Session Recording Server to a SAN certificate.

        image of a single Session Recording Server in use

      • When load balancing is in use, ensure that a SAN certificate is available both on Citrix ADC and each Session Recording Server.

        image of load balancing in use

    2. On IIS, right-click the website and select Add Bindings. The Site Bindings dialog box appears.

      image of site bindings dialog box

    3. Click Add in the upper right corner. The Add Site Binding dialog box appears.

    4. Select https from the Type list and select your SSL certificate.

      image of selecting https

      image of

    5. Click OK.

  2. Update the SsRecWebSocketServer.config configuration file.

    1. Locate and open the SsRecWebSocketServer.config configuration file.

      The SsRecWebSocketServer.config configuration file is typically located in the <Session Recording Server installation path>\Bin\ folder.

    2. Enable TLS by editing TLSEnable=1, and fill in the paths to the SSL certificate and its key, respectively.

      Note:

      Only the PEM format of SSL certificates and key files is supported.
      The ServerPort field indicates the port number that the web player uses to collect recording files. In the following screen capture, it is set to the default value (22334).

      Image of updating the WebSocket server configuration file

      To extract the separate certificate and key files used in the WebSocket server configuration:

      1. Ensure that OpenSSL is installed on your Session Recording Server that contains the SSL certificate.

      2. Export the SSL certificate as a .pfx file. The .pfx file includes both the certificate and the private key.

      3. Open the command prompt and go to the folder that contains the .pfx file.

      4. Start OpenSSL from the OpenSSL\bin folder.

      5. Run the following command to extract the certificate:

        openssl pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [aSRS2.pem]
        

        Enter the import password that you created when exporting the .pfx file.

      6. Run the following command to extract the private key:

        openssl pkcs12 -in [yourfile.pfx] -nocerts -out [newaSRS2keyWithPassword.pem]
        

        Enter the import password that you created when exporting the .pfx file. Provide a new password for protecting your key file when prompted for the PEM pass phrase.

      7. Run the following command to decrypt the private key:

        openssl rsa -in [newaSRS2keyWithPassword.pem] -out [newaSRS2key.pem]
        
    3. Save your changes.

    4. Check your firewall settings. Allow SsRecWebSocketServer.exe to use the TCP port (22334 by default) and allow access to the web player URL.

    5. Run the TestPolicyAdmin –stopwebsocketserver command.

View recordings

After you log on to the web player, all available recordings are listed. You can scroll down the webpage to select recordings to view or use filters to customize your search results. For live recordings, the Duration item shows Live and the play button appears green.

Image of a live recording

For a description of the recording items, see the following table.

Item Description
Start time The recording start time. Click the up and down arrows to list recordings in chronological order.
User The user whose session was recorded. Click the up and down arrows to concentrate recordings of a user on the list and arrange users in alphabetical order.
Host The host name of the VDA where the recorded session was hosted. Click the up and down arrows to arrange the VDA host names in alphabetical order.
Client The name of the client device where the session was running. Click the up and down arrows to arrange the client host names in alphabetical order.
Events The quantity of events in the recording. Click the up and down arrows to arrange recordings on the list by event quantity.
Duration The time length of the recording. Click the up and down arrows to arrange recordings on the list by time length.

Search for recordings by using filters

You can search for recordings by using filters. The available filters include host name, client name, user name, application, client IP address, event text, event type, and time.

Image of recording filters

For example, after you select the host name filter, the following dialog box appears. Type in the host name (of the VDA where recorded sessions are hosted) and click Search to filter out irrelevant recordings and display only the relevant ones.

Image of selecting the host name filter

You can change to a different filter by clicking the currently selected Host name, as shown in the following screen capture. All filters are listed after you click Host name. Select a different filter as needed.

Image of all filters listed

You can also click the + symbol to add filters.

Image of plus symbol

For example, you can add the Time filter as shown in the following screen.

Image of adding the time filter

The Time filter consists of recording start date, start time, and duration.

Open and play recordings

On the recordings page, each recording has a play button on the right side, next to the Duration item.

Image of play buttons

Click the play button. The playback page appears. Playback starts after memory caching.

Image of recording playback page

For a description of the player controls, see the following table:

Player Control Description
image of play button Plays the selected recording file.
image of pause button Pauses playback.
image of progress bar You can drag the progress bar during playback. Idle periods of recorded sessions are highlighted during playback.
image of seek backward 7 seconds Seeks backward 7 seconds.
image of current position of recording playback Indicates the current position of the recording playback and the total recording duration. The time format is HH:MM:SS.
image of comments icon Lets you click and leave a comment about the recording being played.
image of share current playback icon Lets you click and copy the URL of the current recording to the clipboard.
image of playback speed Indicates the current speed of playback. Click the icon to switch between options including X0.5, X1, X2, and X4.
image of full screen button Displays the playback in full screen.
image of exit full screen button Displays the playback within the webpage.

In the right pane of the playback page, the following recording data, event filters, and the quick search box are available:

Image of events and other information

  • The date and time on the web player machine. In this example, February 21, 2020 and 18:32:24.
  • The duration of the recording in playback. In this example, 00:09:12.
  • The number of events in the recording. In this example, 9 EVENTS.
  • The name of the user whose session was recorded.
  • The host name of the VDA where the recorded session was hosted.
  • The name of the client device where the session was running.
  • Options for sorting search results: Select Sort by All Categories, Sort by Events, or Sort by Comments to sort search results.
  • Event filters. You can select more than one filter to search for events in the current recording.

    image of event filters

    Click the icon to expand folded displays of events.

    image of expanding folded displays of events

  • Event list. Clicking an event on the list takes you to the position of the event in the recording.
  • Quick search box. The search events quick search box helps to quickly narrow down a list of events in the current recording.

Configure cache memory for storing recordings while playing

On the Configuration page of the web player, click the slider to set up the cache memory for storing recordings while playing.

Image of configuring cache memory for storing recordings while playing

Record idle events and highlight idle periods

Session Recording can record idle events and highlight idle periods in the Session Recording web player. Idle events are not visible in the Session Recording Player because idle events are saved in the Session Recording Database but not in the relevant recording files (.icl files).

To customize the idle event feature, set the following registry keys as required. The registry keys are located at HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\SmartAuditor\SessionEvents.

Registry key Default value Description
DisableIdleEvent 0 To disable the idle event feature, set the value to 1.To enable the idle event feature, set the value to 0.
IdleEventThrottle 120 seconds If there is no user activity (including graphics changes and keyboard/mouse inputs) longer than the time threshold set by the registry key, an idle event is recorded. The idle period is highlighted when the recorded session plays back on the Session Recording web player.
IdleEventActiveThrottle 30 seconds Only a certain number of graphics changes within a specified amount of time qualify as user activities. By default, at least three packets within 30 seconds can qualify as user activities.
IdleEventActivePktNumThrottle 3 packets Only a certain number of graphics changes within a specified amount of time qualify as user activities. By default, at least three packets within 30 seconds can qualify as user activities.
IdleEventActivePktSizeThrottle 100 bytes Graphics packets smaller than the key value are ignored and the relevant time duration is regarded as idle.

Comment on recordings

When a recorded session is being played, you can click the Comments player control to leave comments and set comment severities. Comments of different severities are displayed in different colors in the right event list panel. Severities include Normal, Medium, and Severe. During session playback, you can view all comments about a recording and delete comments from the event list. Refresh the webpage before being able to delete a comment you just left.

Image of comments about a recording

Clicking a comment in the event list lets you jump to the location where the comment was given. Clicking the comment icon in the upper left corner redirects you to the My comments page where all your comments are presented.

Image of my comments page

Note:

To make the comment feature work as expected, clear the WebDAV Publishing check box in the Add Roles and Features wizard of Server Manager on the Session Recording Server.

Image of configuration in server manager

Share URLs of recordings

Clicking Share Current Playback on the playback page of a recording copies the recording URL to the clipboard. You can share the URL with other users for them to access the recording directly without the need to search in all recordings.

Image of recording playback page

After you click Share Current Playback, either of the following messages appears, indicating a successful or failed operation respectively:

  • The URL to the shared recording has been copied to the clipboard

  • Sharing the recording URL failed

Pasting the shared URL in the address bar lets you jump to the location where the URL was copied.

For secure sharing, set the following registry values under HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\SmartAuditor\Server:

Registry value Description Default value Remarks
LinkExpire Time span beyond which a shared URL expires. Counted as timeticks in the unit of 10 microseconds. 1,728,000,000,000 (The default value equals 2 days.) -
LinkSalt A security method to protect the preceding URL expiration time Kk2od974 Change the default value to an arbitrary string that preferably ends with digits.

Administrator Logging integrated with the web player

The web player integrates the Administrator Logging webpage. An administrator assigned to both the LoggingReader and the Player roles can view the administrator activity logs in the web player.

Note:

The language set for the web player browser must match the language you selected when you installed the Session Recording Administration components.

  • Configuration logging:

    Image of administrator logging integrated with the web player

  • Recording reason logging:

    Image of recording reason logging

Ensure that your SessionRecordingLoggingWebApplication site on IIS and the web player have the same SSL settings. Otherwise, 403 errors occur when you request to access the administrator activity logs.

Image of SessionRecordingLoggingWebApplication

Session Recording web player