Configure event detection policies

You can configure event detection policies through the Session Recording service to log target events in recorded sessions. Do not detect is the system-defined event detection policy. It’s inactive by default. When it’s active, no events are logged.


An event detection policy applies to all Session Recording servers of a specific site. You can create and activate separate event detection policies for different sites.

Event detection policies

Events that can be detected

Session Recording detects target events and tags those events in recordings for later search and playback. You can search for events of interest from large amounts of recordings and locate those events during playback.

System-defined events

Session Recording can detect and log the following system-defined events that occur during recorded sessions:

  • Insertion of USB mass storage devices

  • Application starts and ends

  • App failures

  • App installs and uninstalls

  • File renaming, creation, deletion, and moving operations within sessions

  • File transfers between session hosts (VDAs) and client devices (including mapped client drives and generic redirected mass storage devices)

  • Web browsing activities

  • Topmost window events

  • Clipboard activities

  • Windows registry modifications

  • User account modifications

  • RDP connections

  • Performance data (data points related to the recorded session)

  • Popup window events

When you create a custom event detection policy, you can add rules to select target events to monitor.

Adding a rule for an event detection policy

Rules for an event detection policy

Similar to creating a custom recording policy, you can choose one or more rule criteria. For more information, see the instructions in the Create a custom recording policy section.

Video about configuring policies

Video about configuring policies

Configure event detection policies