Product documentation
uberAgent
Current Release (7.5.x) 7.4.x 7.4.0 7.3.1 7.3.0 7.2.1 7.2.0 7.1.2 7.1.1 7.1.0
View PDF

uberAgent 7.5.1

December 11, 2025
Contributed by: 
C

About the release

This uberAgent release includes new features, improvements and bug fixes.

For installation and upgrade instructions:

Please note that uberAgent 7.5.0 is only available with Citrix Virtual Apps and Desktops 2511. Technically, it’s the same version as uberAgent 7.5.1. The only difference is that uberAgent 7.5.1 now also uses the Citrix License Activation Service for non-VDA deployments.

What’s New

Licensing via Citrix License Activation Service

With uberAgent 7.5.1, uberAgent switches its licensing technique to use the Citrix License Activation Service (LAS). This means that the product will no longer work with legacy uberAgent license files (e.g., uberAgent.lic). To make ensure uberAgent is able to communicate with the LAS backend, please verify that your endpoints are able to connect to the license servers listed here.

If uberAgent can not contact the LAS backend, the license verification may fail and uberAgent does not start. Note, this may require uberAgent to use a proxy, depending on your environment. For instructions on how to configure uberAgent to use a system proxy follow this guide. Please also consult the uberAgent license guide for more details. [B1143]

Configure ProcessDetailTopN Metric Granularity

It is now possible to fine-tune the number of processes reported by the ProcessDetailTopN metric, if uberAgent should not collect data about all processes. Specify the number of processes you want to monitor directly in the metric name (e.g., ProcessDetailTop10). This setting allows to control the amount of processes included in each of the five performance categories. This setting can be used to enable more efficient data collection in data volume optimized configurations. Please see the documentation for more details. [B535]

Managed User Profile Metrics on Windows

uberAgent now collects detailed metrics for managed user profiles on Windows systems. The initial release includes full support for Citrix Profile Management, providing deeper insights into user profile behavior and performance for environments utilizing this technology. Metrics are visualized on a new Splunk dashboard, the User Profile Overview and additionally on the Single Logon dashboard. [B1089]

Citrix macOS VDA: HDX Session Metrics

uberAgent extends its monitoring capabilities to Citrix VDA for macOS, now collecting detailed metrics on HDX sessions. When installed on a macOS VDA, The product provides visibility into session and virtual channel performance by adding macOS-related events to the sourcetypes: uberAgent:CitrixSession:VirtualChannelDetail, uberAgent:CitrixSession:SessionConfig, and uberAgent:Session:SessionDetail. The data is visualized on the existing Splunk dashboards. [B977]

Config & Support Tool Enhancement (macOS and Windows)

The Config & Support Tool has been improved to simplify the setup of proof of concept (PoC) installations and streamline troubleshooting. Users can now quickly generate support and configuration bundles on both macOS and Windows, enabling faster issue resolution and smoother onboarding. Additionally, the tool now provides an option to customize the configuration before creating a configuration bundle. The Config & Support Tool is now automatically installed with uberAgent. More details can be found in the tool’s documentation. [B1052, B1033]

Citrix Session Insights

A new Splunk dashboard, Citrix Session Insights, is now available. This dashboard offers baseline insights on Citrix logon durations, session responsiveness, and disconnect events. It provides administrators with a comprehensive comparison of current session performance with respective baseline values. Consult the documentation for more details. [B995]

macOS System Log Forwarding

uberAgent can now collect and forward events from the macOS system log. This enhancement gives administrators deeper insight into macOS system activities and improves monitoring capabilities across Apple devices. See the documentation for implementation details, and examples. [B945]

Customizable Ignored Processes During Logon

uberAgent monitors various phases of a logon, including the execution of a logon script. To determine the phase duration, it waits for all child processes of the main logon process to finish. If there is a process that was started by the logon script but keeps running throughout the user session, it can cause the logon phase to be reported as taking longer than it actually did. To avoid this, you can now configure uberAgent to ignore certain processes that are started by the logon script. See this article for implementation examples. [B676]

Improvements

Agent

All platforms

  • [I1434]: web response messages are no longer printed to stdout.
  • [B779]: time unit suffixes are now allowed in time interval specifications, e.g., 25s stands for 25 seconds. Previously, all time intervals were interpreted as milliseconds. The old format (without specifiers) is still supported.
  • [B1102]: the default state of the uberAgentEnabled Citrix policy is now enabled. Previously, it was disabled.
  • [I1245]: when an unsupported attribute is used in a [ThreatDetectionRule] stanza, a log message is written instead of silently discarding the rule.
  • [I1357]: fixed an agent crash if an Azure Event Hubs configuration is invalid.
  • [B1051, B1077]: integrated the Config & Support Tool into the macOS and Windows installers.
  • [I1344]: receiver names are now checked for the following illegal characters: /\:*?"<>|
  • [I1079]: when sending the data, the index name is taken from the uberAgent configuration (for Splunk or Kafka backends). This allows for index name changes without affecting buffered events.

Windows

  • [B1046]: added the GUID of the foreground process to the SessionDetail sourcetype.
  • [B1093]: WMI queries are now executed directly in the agent without calling external programs. This is the new default setting.
  • [I1459]: the LogonServer field of the sourcetype uberAgent:Logon:LogonDetail is now left empty for Entra joined devices.
  • [I1482]: fixed an issue where uberAgent did not update its own %PATH% environment variable when multiple PowerShell versions are installed on the system.
  • [I1289]: fixed an issue where some unicode characters were converted incorrectly when collecting CVAD, DaaS and NetScaler metrics.
  • [B1147]: improved update handling for uberAgent installations managed by the CVAD installer.
  • [I1331]: remove the entire registry key HKLM\SOFTWARE\Citrix\uberAgent during deinstall.

macOS

  • [B999]: enhanced detection and recovery after tampering with communication resources of helper binaries.
  • [B1105]: significantly reduced CPU usage during Endpoint Security event processing by implementing bundle information caching.
  • [B1038]: system extensions are now associated with their originating applications.

Splunk

  • [B1086, B1181]: improved the Licensing status dashboard to provide a better overview of active licenses and Citrix LAS communication errors.
  • [B1089]: added user profile details to the Single Logon dashboard.
  • [B1108]: added a drilldown to the Application Input Delay and Process Input Delay dashboards.
  • [B1109]: added a drilldown to the Logon duration per host (top 10) panel on the User Logon Duration dashboard.

Release notes

  • Code Signing (Windows) [B1050]: updated remaining binaries’ code signing certificates to use certificates issued for Citrix Systems, Inc..
  • Code Signing (Windows) [I1487]: updated file attribute of all binaries CompanyName to reflect the official company name: Citrix Systems, Inc..
  • Dashboards [B571]: added the field OsName to the hostinfo lookup.
  • Dashboards [B571, B986, B987]: added the fields OsName, HwBiosVersion, and SourceIndex to all data models.
  • Dashboards [B987]: added the field HwBiosVersion to the hostinfo lookup.
  • Dashboards [B995]: the Citrix Session Protocol Insights dashboard was renamed to Citrix Session Protocol Details.
  • Dashboards [B995]: in uberAgent UXM, the SBC/VDI menu has been renamed to Citrix, and Experience Score Overview to Scores & Insights.
  • Installer (Windows) [B1103]: upgraded the code signature digest algorithm from SHA-1 to SHA-256.
  • Installer (Windows) [I1338]: updated file attribute Authors to reflect the official company name: Citrix Systems, Inc..
  • Licensing (macOS, Windows) [B1135, B1138]: uberAgent now supports Citrix CVAD licensing; when present, it takes precedence over the license file.
  • Sourcetype (macOS) [B945]: new sourcetype uberAgentESA:System:MacOsSystemLogForwarding with fields: LevelValue, Count, ProcessID, ProcName, Message, LevelDescription, Subsystem, Category and AppId.
  • Sourcetype (Windows) [B765]: uberAgent:Session:SessionDetail has new fields: CtxSessionKey, CtxAutoClientReconnectCount, CtxFrameRateInputFPS, CtxFrameRateTargetFPS, CtxFrameRateCurrentFPS, CtxEDTNAKPacketsSent, CtxOutOfOrderEDTPackets, CtxHDXDirectStatus.
  • Sourcetype (Windows) [B1046]: uberAgent:Session:SessionDetail has a new field: SessionFgProcessGuid.
  • Sourcetype (Windows) [B1089]: new sourcetype uberAgent:Session:SessionProfile with fields: SessionGUID, ProfileType, ProfileVersion, ProfileContainerDiskType, ProfileContainerDiskSizeLogonMB, ProfileFileCount, ProfileSizeMB, ProfileLargeFileCount.
  • Splunk data models [B995]: added the uberAgent UXM data model uberAgentUXM_CitrixBaselineInsights with the dataset uberAgentUXM_CitrixBaselineInsights.
  • Splunk data models [B0189]: added the dataset uberAgentUXM_Session_SessionProfile to the uberAgent UXM data model uberAgentUXM_Session.
  • Splunk data models [B1181]: added the fields ActivationExpiration and LasCommunicationErrors to the Splunk data set uberAgentUXM_License.
  • Threat Detection Engine [I1333]: the field Reg.Key.Sddl has been phased out to reduce complexity and focus on core improvements.
uberAgent 7.5.1
December 11, 2025
Contributed by: 
C
December 11, 2025
Contributed by: 
C

In this article

Site feedback | Your privacy choices footer linkYour Privacy Choices | Privacy and legal terms | Cookie preferences | Consent settings | docs.cloud.com
© 1999- Cloud Software Group, Inc. All rights reserved.