Auditing
Citrix Provisioning provides an auditing tool that records configuration actions on components within the provisioning farm. The auditing tool saves this information to the provisioning database. It provides administrators with a way to troubleshoot and monitor recent changes impacting system performance and behavior.
Administrator privileges determine viewable audit information and visible menu options. For example, a farm administrator views audit information within the farm. This functionality is unlike a device administrator who only views audit information for those device collections for which they have privileges.
Note:
Auditing is off by default. If the Citrix Provisioning database is unavailable, no actions are recorded.
To enable auditing
- In the Citrix Provisioning console tree, right-click on the farm, then select the Farm Properties menu option.
- On the Options tab, under Auditing, check the Enable auditing check box.
The following managed objects within a Citrix Provisioning implementation are audited:
- Farm
- Site
- Provisioning servers
- Collection
- Device
- Store
- vDisks
Recorded tasks include:
- Citrix Provisioning console
- MCLI
- SOAP Server
- PowerShell
Accessing auditing information
Auditing information is accessed using the provisioning console. You can also access auditing information using programmer utilities included with the product installation software:
- MCLI programmer utility
- PowerShell programmer utility
- SOAP Server programmer utility
In the console, a farm administrator can right-click on a parent or child node in the console tree to access the audit information. The audit information that other administrators can access depends on the role they were assigned.
To access auditing information from the Citrix Provisioning console
- In the Citrix Provisioning console, right-click on a managed object, then select the Audit Trail menu option. The Audit Trail dialog displays or a message appears indicating that no audit information is available for the selected object.
- Under Filter Results, select from the filter options, which enable you to filter the audit information based on, for example, user.
- Click Search. The resulting audit information displays in the audit table. Columns can be sorted in ascending and descending order by clicking the Column heading:
- Action list number: Based on the filter criteria selected, the order the actions took place.
- Date/Time: Lists all audit actions that occurred within the Start date and End date filter criteria.
- Action: Identifies the name of the Citrix Provisioning action taken.
- Type: Identifies the type of action taken. This action is based on the type of managed object for which the action was taken.
- Name: Identifies the name of the object within that object’s type, for which the action was taken.
- User: Identifies the user’s name that performed the action.
- Domain: Identifies the domain in which this user is a member.
- Path: Identifies the parent of the managed object. For example, a device has a site and collection as parents.
- To view more details for a particular action, highlight that action’s row within the results table, then click one of the option buttons that follow:
- Secondary: Any secondary objects that this action affected. This option opens the Secondary dialog, which includes the type, name, and path information. This dialog allows you to view secondary object actions such as parameters, sub actions, and changes.
- Parameters: Any other information used to process the action. This option opens the Parameters dialog. It includes the parameter name, representing the object, and the value.
- Sub Actions: Extra actions that were performed to complete this action. This option opens the Sub Actions dialog, which includes action, type, name, and path information.
- Changes: Any new or changed values (such as ‘Description’) associated with the object (such as a target device). This option opens the Changes dialog, which includes the name and new information.
Archiving the audit trail information
The farm administrator determines how long to make the audit trail information accessible before it is archived.
To configure the audit trail archiving
- In the console, right-click on the farm, then select Archive Audit Trail. The Archive Audit Trail dialog appears.
- Browse to the saved location where audit trail information resides (XML file). The Select File to Archive Audit Trail To dialog opens.
- Select the location, then type the name of the new file in the File name text box.
- Open the calendar from the End date menu, then select the date on which the audit trail information is archived. The default is the current date.
- To remove all audit information, select the Remove information archived from the Audit Trail check box. Once the information is removed, it can no longer be accessed directly from Citrix Provisioning. It exists in the XML file.
- Click OK.