Using Session Recording server 2204 or later, you can query administrator logging data through the Session Recording service.
An administrator with Full access can view administrator logging. To grant the Full access permission, go to Identity and Access Management in Citrix Cloud.
If you select a Session Recording server earlier than version 2204, the following banner appears, and no data is available.
Logging data overview
Administrator logging data consists of two parts - configuration logging and recording reason logging.
You can select more than one Session Recording server to view logs.
Hover over the three dots (ellipsis) to view details about each log.
This part logs the following administrator activities:
Policy document change - Changes to policies on the Session Recording policy console or Citrix Director
Server configuration change - Changes in Session Recording Server Properties
Recording file playback - Playback of recorded sessions
Log reading - Unauthorized attempts to access the administrator logging data
You can use the Logging time, Category, Action, and Action taken by filters to narrow your search. The “AND” operator is used between the filters to compute the search action.
When more than one filter is applied, the Clear all button becomes available. You can click the button to clear all filters.
To log administrator activities, complete the following steps to enable administrator logging on your Session Recording servers.
Select Configuration > Server Settings from the left navigation of the Session Recording service.
Click the host name of your target Session Recording server on the list.
On the Server Settings page, select Logging from the left navigation and then select Enable administrator logging.
If you select Enable mandatory blocking, the following activities are blocked if logging fails. A system event is also logged with an Event ID 6001:
Changes to recording policies on the Session Recording Policy Console or Citrix Director
Changes in Session Recording Server Properties
The mandatory blocking setting does not impact the recording of sessions.
You can enable administrator logging both through the Session Recording service and through Session Recording Server Properties. For information on how to enable administrator logging through Session Recording Server Properties, see Disable or enable administrator logging.
You can also configure an administrator logging service account to enhance security.
Recording reason logging
This part logs which policies have triggered recordings.
To enable the feature, enable both administrator logging and recording reason logging on your Session Recording servers. If Enable administrator logging is not selected, enabling recording reason logging does not take effect.
For information on how to enable the recording reason logging, see Disable or enable the recording reason logging.