Getting started with Infrastructure Monitoring

Note:

The following two steps are valid only for Provisioning Service and StoreFront components monitoring.

Step 1: Installation of Citrix Infrastructure Monitor

Perform the following steps to complete the installation on the target component to establish connection for secure data collection.

Step 1.1: Identify the target components

Identify the target components such as Provisioning Service or StoreFront servers which need to be monitored.

Step 1.2 Download Citrix Infrastructure Monitor

You can download CitrixInfraMonitor.msi from the Citrix downloads page on the target server identified in Step 1.1.

Step 1.3: Run Citrix Infrastructure Monitor

Run the CitrixInfraMonitor.msi installer on the target component by following the instructions in the installation wizard.

Note:

Users with administrative privileges can install and configure Citrix Infrastructure Monitor on the target component.

Once the installation is successful, you can view the Citrix Infrastructure Monitor Service in the Services section:

Step 1.4: Get the registration token

Get the token provided in the RegistrationToken.txt file at C:\ProgramData\Citrix\InfraMonitor\RegistrationToken.txt in the system where Citrix Infrastructure Monitor is installed and keep it ready for use in Step 2: Register Citrix Infrastructure Monitor.

Note:

Once you successfully install CitrixInfraMonitor.msi, the installer creates an exception for the 9595 port. If you are using any third-party firewall, you might have to allow TCP communication for this port manually for using the Citrix Infrastructure Monitoring service.

Step 2: Register Citrix Infrastructure Monitor

You can register Citrix Infrastructure Monitor using the following:

• Monitor UI
• Remote PowerShell SDK

Using Monitor UI

Complete the registration on the Monitor UI by performing the following steps.

Step 2.1: Navigate to the Connect Citrix components page

Click Settings > Connect Citrix components > Manage.

Or,

Click Infrastructure > Manage.

Step 2.2: Enter component details

On the Connect Citrix components screen, click Create connection. The Create a connection window appears.

Ensure the citrixinframonitor.msi is downloaded and installed on the target. For more information, see Step 1 in this document. Follow the instructions on the screen, and populate the component details required to establish a secure connection.

• Select a Component type from the drop-down list. This can be Provisioning Service or StoreFront.
• Enter the Hostname.
• Enter the Domain name.
• Enter the Username of the Provisioning Service or StoreFront machine.
• Enter the Password of the Provisioning Service or StoreFront machine.
• Select the Resource location.

Step 2.3: Authorize the connection

Get the Citrix Infrastructure Monitor token from the RegistrationToken.txt file at C:\ProgramData\Citrix\InfraMonitor\RegistrationToken.txt in the system where the Citrix Infrastructure Monitor is installed.

Enter the fetched token details in the Director UI. This authorizes the connection between the site and component.

The token text present in the RegistrationToken.txt file is regenerated when you restart the Citrix Infrastructure Monitor service. After the registration is successful, the token file is deleted from the machine. If you need to recreate a fresh token file for any reason, restart the Citrix Infrastructure Monitor service. For security reasons, the token file is removed after three failed registration attempts with an invalid token.

Step 2.4: Create connection

Once the details are populated, click Create. The created connection is available under the list of connections on the Connect Citrix components page.

Using Remote PowerShell SDK

Note:

The minimum required version of PoshSDK is 7.42.26154.48609 or later.

1. Ensure the prerequistes mentioned at Prerequisites are met.

2. Set up Remote Powershell SDK.

3. Run the following PowerShell command to register the Citrix Infrastructure Monitor:

   Add-MonitorDirectorAgent -Fqdn <FQDN of component> -Component <component> -AdminAddress localhost:19097 -ResourceLocationId <resourceLocationID> -Domain <domain> -Username <username> -Password <password> -Token <token>
   <!--NeedCopy-->
   

Note:

The user name and password are optional parameters. However, if you don’t provide these parameters, some of the metrics won’t be available for you.

The parameters of the preceding command are as follows:

Note:

• The token text present at the RegistrationToken.txt file is regenerated when you restart the Citrix Infrastructure Monitor service. After the registration is successful, the token file is deleted from the machine. If you need to re-register, restart the Citrix Infrastructure Monitor service.

• For security reasons, the token file is removed after three failed registration attempts with an invalid token.

Once you successfully register the Provisioning Service or StoreFront machine, the machine name details appear on the Monitor > Infrastructure tab.

A sample command to register for the Citrix Infrastructure Monitor is as follows:

[Optional] Steps to Configure HTTPS for Citrix Infrastructure Monitor

Note:

Citrix Infrastructure Monitor service works in HTTP mode as well and in this case, the following configuration isn’t required. However, we recommend you to use in https mode. Perform the following steps only if you need to configure https for Citrix Infrastructure Monitor.

Step 1: Upload the certificate to the machine

1. Get a PFX certificate for your machine where Citrix Infrastructure Monitor is installed. For more information on PFX file generation, see How to create a PFX file.

   Note:

   You can use password protected PFX files also.

2. Upload the certificate to the machine to any location.

Step 2: Import the certificate to computer certificates

1. Click Start > Run > type mmc, and then click OK. The Console 1 - [Console Root] window appears.

2. On the File menu, click Add/Remove Snap-in. The Add or Remove Snap-ins window appears.

   

3. Under Snap-in, double-click Certificates. The Certificates snap-in window appears.

   

4. Select Computer account, and then click Next. The Select Computer window appears.

   

5. Select Local computer.
6. Click Finish. The Certificates (Local Computer) section appears on the list of selected snap-ins for the new console.
7. Click OK.

8. Expand Certificates, right-click Personal > All Tasks > Import. The Welcome to the Certificate Import Wizard appears.

   

9. Select Next > Browse Files. Navigate to the location where you uploaded the PFX file, change the file type to All files and then select the respective PFX certificate.

   

10. Enter the PFX Password. You can leave it blank if there is no password.
11. Click Next.

12. For the Certificate Store, make sure that the Place all certificates in the following store option is selected and the Certificate store is selected as Personal.

    

13. Click Next.
14. Review the details and click Finish.
15. Wait for confirmation. The The import was successful message appears.
16. Navigate to Certificates > Personal and ensure that the certificate is present.
17. Delete the PFX certificate file from the machine.

Step 3: Provide read access to certificate

1. Right-click on the imported certificate > All Tasks > Manage Private Keys.
2. In the dialog that opens, select Add, and then search for Network Service. Click OK.
3. Select NETWORK SERVICE under Group or user names.
4. Allow Read access under Permissions for NETWORK SERVICE.
5. Click OK.

Step 4: Obtain the Thumbprint

1. Double-click on the imported certificate.
2. In the dialog that opens, navigate to the Details tab and scroll to the bottom.

3. Click Thumbprint.

   

4. Copy the value and keep it ready for the next step.

Step 5: Setting the environment variable

1. Open Control Panel.
2. Search for environment and select Edit the system environment variables.

3. Under System Variables (for all users), click New.

   

4. Specify the Variable name as DIRECTOR_AGENT_HTTPS_CERTIFICATE_THUMBPRINT.
5. Specify the thumbprint from the previous step under Variable value.
6. Click OK.

Step 6: Restart CitrixInfraMonitorService

1. Open PowerShell and run the following command:

   Restart-Service CitrixInfraMonitorService
   <!--NeedCopy-->
   

2. Ensure that the HTTPS is enabled by capturing the CitrixInfraMonitorService module and looking for the log line Start to listen on HTTPS….

   

Step 7: Enable HTTPs in Monitor configuration

You can enable HTTPs in Monitor service, using Remote PowerShell SDK.

Note:

The minimum required version of PoshSDK is 7.44.26401.2361 or later.

1. Ensure the prerequistes mentioned at Prerequisites are met.

2. Set up Remote Powershell SDK.

3. Run the following PowerShell command to enable HTTPS in Monitor configuration:

   Set-DirectorAgentHttps -AdminAddress localhost:19097 -EnableHttps $true
   <!--NeedCopy-->
   

Note:

To verify the existing settings value, run the Get-DirectorAgentHttps -AdminAddress localhost:19097 command.

In case you need to disable HTTPS in Monitor configuration, run the Set-DirectorAgentHttps -AdminAddress localhost:19097 -EnableHttps $false command.