Product documentation
Citrix DaaS
View PDF

Configuration logging

October 21, 2024
Contributed by: 
C C

Note:

Configuration log records appear only in English, regardless of which language you select for your Citrix Cloud account. Dates and times associated with those records are in MM/DD/YY format, expressed in Coordinated Universal Time (UTC).

Configuration logging is a feature that captures Citrix Virtual Apps and Desktops and Citrix DaaS (formerly Citrix Virtual Apps and Desktops service) deployment configuration changes and administrative activities to a logging database in Citrix Cloud. You can use the logged content to:

  • Diagnose and troubleshoot problems after configuration changes are made. The log provides a breadcrumb trail.
  • Assist change management and track configurations.
  • Report administrative activities.

In this Citrix DaaS, configuration logging is always enabled. You cannot disable it.

From Studio, you can view configuration log content, filtered by date ranges or by full text search. You can also generate a CSV report using PowerShell. From this console, you cannot edit or delete log content. You can use the Remote PowerShell SDK to schedule periodic data deletion from the log.

Update the retention of DaaS configuration logs

To maintain the performance of DaaS tenants, starting September 9th, 2024 configuration log retention will be set to 180 days.

Logs older than 180 days on September 9th, 2024 will be deleted. As we keep growing our DaaS Limits for a single DaaS tenant, this implementation ensures the best performance and resilience for our customers.

As a best practice, we advise customers to have a quarterly export mechanism. This can be done through PowerShell, see Generate reports. We also recommend customers schedule periodic date deletion, see Schedule periodic data deletion.

Permissions required (see Delegated administration):

  • Full Administrators in Citrix Cloud, plus Citrix DaaS Cloud Administrators and Read Only Administrators can view configuration logs in Studio.
  • Full Administrators and Cloud Administrators can also download a CSV report of logging activity, using PowerShell.

What is logged

The following operations are logged:

  • Configuration changes and administrative activities initiated from the Manage section and Monitor node
  • PowerShell scripts
  • REST API requests

Note:

You cannot see log entries for Citrix Cloud platform internal operations, such as database setup and management.

Examples of logged configuration changes include working with (creating, editing, deleting, assigning):

  • Machine catalogs
  • Delivery groups (including changing power management settings)
  • Administrator roles and scopes
  • Host resources and connections
  • Citrix policies through Studio

Examples of logged administrative changes include:

  • Power management of a virtual machine or a user desktop
  • Manage or monitor functions sending a message to a user

The following operations are not logged. (Many of them are not available to customer administrators.)

  • Automatic operations such as pool management power-on of virtual machines.
  • Policy actions implemented through the Group Policy Management Console (GPMC). Use Microsoft tools to view logs of those actions.
  • Changes made through the registry or from sources other than Studio, Monitor, or PowerShell.

View configuration log content

To view configuration log content, follow these steps:

  1. Sign in to Citrix Cloud.
  2. In the DaaS tile, click Manage.
  3. Select Logging in the left pane and click the Events tab.

By default, event logs are listed by administrator names. You can perform the following tasks as needed:

  • Sort the display. Sort the display by clicking a column header.
  • Filter logs. Refine the display by setting filter conditions such as day intervals or custom periods or by entering complete or partial Main Task names in the Search box. To return to the standard display after using search, clear the text in the Search box.
  • Export logs. Export selected or all logs to a CSV file for archiving or further analysis.
  • Customize columns. Tailor the display to your needs by adding non-default columns such as Client IP and Labels.
  • Manage labels. Add, edit, and remove labels for event logs to enhance log organization and tracking.

Display characteristics:

  • High-level operations created during management and monitoring are listed in the upper middle pane. A high-level operation results in one or more services and PowerShell SDK calls, which are low-level operations. When you select a high-level operation in the upper middle pane, the lower pane displays the low-level operations.
  • If you create a low-level operation in PowerShell without specifying a parent high-level operation, configuration logging creates a surrogate high-level operation.
  • If an operation fails before completion, the log operation might not be completed in the database. For example, a start record has no corresponding stop record. In such cases, the log indicates that there is missing information. When you display logs based on time ranges, incomplete logs are shown if the data in the logs matches the criteria. For example, if you request logs for the last five days, and a log with a start time in the last five days has no end time, it is included.
  • Remember: You cannot see log entries for Citrix Cloud platform internal operations, such as database setup and management.

To view tasks related to machine catalog operations, navigate to Logging > Tasks. The Tasks tab displays only tasks related to catalogs created through Machine Creation Services (MCS) or Provisioning Services (PVS). Specifically, tasks associated with the following machine catalog operations appear:

  • Create catalogs
  • Clone catalogs
  • Add machines
  • Remove machines
  • Update a catalog (update images or machines)
  • Roll back machine updates

Tip:

The Tasks tab displays only tasks related to provisioning scheme changes (creating or modifying a provisioning scheme).

A task can be in the following state:

  • Completed
  • Not started
  • Running
  • Canceled
  • Failed
  • Unknown

To cancel a running task, select the task and then click Cancel. The cancelation takes some time to complete.

Examples of logged tasks include:

  • Image update completed for a certain catalog
  • Error while updating the image for a certain catalog
  • Canceled image update for a certain catalog
  • Provisioning VMs to a certain catalog
  • Removing VMs from a certain catalog
  • Created a certain catalog

By default, the display in the center pane lists logged tasks chronologically (newest entries first), separated by date. You can sort the display by column header. To clear completed tasks, click Clear Completed Tasks under the Tasks tab. To choose which columns to appear in the display, select the Columns to Display icon in the top right corner of the table.

View API logs

To view REST API logs, navigate to Logging > APIs. The APIs tab displays REST API requests made during a certain time period.

Be aware of the following considerations:

  • REST API logs are cleared after you sign out of the console. (They are also cleared if you refresh your browser window.)
  • Any operations in the console that result in API calls have their corresponding API requests displayed on the APIs tab.
  • The display lists the API requests chronologically (newest entries first), separated by date. The maximum number of API requests in the display is 1,000.

View PowerShell logs

To view PowerShell commands corresponding to UI actions you’ve taken during the day, navigate to the Logging > PowerShell tab.

Associate metadata with configuration logs

You can attach metadata to configuration logs by associating a name-value pair called MetadataMap with the log records.

Note:

  • You can only attach metadata to high-level operation objects.
  • Metadata is associated with the existing records at the time of execution.

Set the metadata

Run the PowerShell command Set-LogHighLevelOperationMetadata to associate a log record with the MetadataMap. Set-LogHighLevelOperationMetadata takes the following parameters:

  • Id:ID of the high-level operation.
  • InputObject:The high-level operations to which you add the metadata. This is an alternative to the Id parameter where a high-level operation object or list of objects is passed to the PowerShell command.
  • Name:Property name of the metadata to be added. The property must be unique for the high-level operation specified. The property cannot contain any of the following characters: ()\/;:#.*?=<>|[]"'
  • Value:Value for the property.
  • Map:Dictionary of (name, value) pairs for the properties. This is an alternative to setting the metadata using the -Name and -Value parameters.

For example, to attach the metadata to all the high-level log records with Id 40, run the following PowerShell command:

Get-LogHighLevelOperation – Id 40 | Set-LogHighLevelOperationMetadata -Name A -Value B

To attach the metadata to the high-level record with the user abc@example.com, run the following PowerShell command:

Get-LogHighLevelOperation – User `abc@example.com` | Set-LogHighLevelOperationMetadata -Name C -Value D

Retrieve using the metadata

Run the following PowerShell commands to use the associated metadata to retrieve the log records:

  • Search by key and value:

    Get-LogHighLevelOperation -Metadata "Key:Value"

  • Search by value and any key:

    Get-LogHighLevelOperation -Metadata "*:Value"

  • Search by key and any value:

    Get-LogHighLevelOperation -Metadata "Key:*"

Remove the metadata

Run the PowerShell command Remove-LogHighLevelOperationMetadata to remove the associated metadata. Remove-LogHighLevelOperationMetadata takes the following parameters:

  • Id:ID of the high-level operation.
  • InputObject:The high-level operations to which you add the metadata. This is an alternative to the Id` parameter where a high-level operation object or list of objects is passed to the PowerShell command.
  • Name:Property name of the metadata to be removed. Set to $null to remove all the metadata for the specified object.
  • Map:Dictionary of (name, value)-pairs for the properties. This can be either a hashtable (created with @{“name1” = “val1”; “name2” = “val2”}) or a string dictionary (created with new-object “System.Collections.Generic.Dictionary[String, String]”). The properties whose names match the keys in the map are removed.

Generate reports

To generate a CSV or HTML report containing configuration log data, use PowerShell cmdlets for the ConfigLogging Service in the Citrix Virtual Apps and Desktops Remote PowerShell SDK. For details, see:

Schedule periodic data deletion

Use the Remote PowerShell SDK to specify how long data is retained in the configuration logging database. (This feature isn’t available in Studio.) In Citrix DaaS, you must have Full access.

In the Set-LogSite cmdlet, the -LoggingDBPurgeDurationDays parameter specifies how many days data is retained in the configuration logging database before it’s deleted automatically.

  • By default, the value of this parameter is 0. A zero value means that data in the configuration logging database is never deleted automatically.
  • When you set a non-zero value, the database is checked once every 120 minutes. Data older than the retention period is deleted.

Use Get-LogSite to view the current value of the parameter.

Differences from on-premises Citrix Virtual Apps and Desktops

If you’re familiar with configuration logging in the on-premises Virtual Apps and Desktops product, the Citrix Cloud version has several differences. In Citrix Cloud:

  • Configuration logging is always enabled. You cannot disable it. Mandatory logging is not available.
  • You cannot change the location of the configuration logging database, because the database is managed in the Citrix Cloud platform.
  • Configuration log displays do not include operations and activities that are performed within the Citrix Cloud platform.
  • PowerShell is your only choice to create a CSV or HTML report of logged operations. In the on-premises product, reports can be generated from Citrix Studio or PowerShell.
  • You cannot delete configuration log content.
Configuration logging
October 21, 2024
Contributed by: 
C C
October 21, 2024
Contributed by: 
C C

In this article

Site feedback | Your privacy choices footer linkYour Privacy Choices | Privacy and legal terms | Cookie preferences | Consent settings | docs.cloud.com
© 1999- Cloud Software Group, Inc. All rights reserved.