Troubleshoot event transmission issues from a data source 编辑

June 2, 2022 Contributed by:  C

Troubleshoot event transmission issues from a data source

This section helps you to troubleshoot data transmission issues in Citrix Analytics for Security. When a data source fails to transmit user events accurately, you can encounter issues such as non-discovery of users and risk indicators.


Checklist

SequenceChecks
1Do you have the correct entitlement to use Security Analytics?
2Is the data source supported in your home region?
3Does your environment meet all the system requirements?
4Are all the data sources discovered and data processing enabled on Analytics?
5Are the user activities on the data source transmitting events accurately to Analytics?
6Are the virtual apps and desktops events transmitted to Analytics?
7Are the user events appearing on the self-service search page in Analytics?
8Are the users discovered by Analytics?


Check 1- Do you have the correct entitlement to use Security Analytics?

Citrix Analytics for Security is a subscription-based offering. You can either use a limited trial or buy a subscription to use this offering. For more information, see Getting started
.


Check 2- Is the data source supported in your home region?

Citrix Analytics for Security is supported in the following home regions:

  • United States (US)

  • European Union (EU)

  • Asia Pacific South (APS)

Depending on the location of your organization, you can onboard to Citrix Cloud in one of the home regions.

However, certain data sources are not supported in all home regions. The data sources
are the products from which Citrix Analytics for Security receives user events.

If your organization is onboarded to Citrix Cloud in a home region where a data source is not supported, you don’t get user events from the data source.

Use the following table to view the data sources and the regions in which they are supported.

Data sourceSupported in US RegionSupported in EU RegionSupported in APS Region
Citrix Content CollaborationYesYesYes
Citrix Endpoint ManagementYesYesYes
Citrix Gateway (on-premises)YesYesYes
Citrix Identity providerYesYesYes
Citrix Secure BrowserYesYesYes
Citrix Secure Private AccessYesNoNo
Citrix DaaS (formerly Citrix Virtual Apps and Desktops service)YesYesYes
Citrix Virtual Apps and Desktops on-premisesYesYesYes
Microsoft Active DirectoryYesYesYes
Microsoft Graph SecurityYesYesYes

If your organization is onboarded to Citrix Cloud in the Asia Pacific South home region, enable the Content Collaboration service integration in the Workspace Configuration settings in your Citrix Cloud account. For more information, see Known issues
.


Check 3- Does your environment meet all the system requirements?

Citrix Analytics can take a few minutes to receive the user events from the data sources. If you do not see any user events on the data source site cards, ensure that your environment meets the prerequisites and the system requirements
.

Prerequisites

  1. All your Citrix Cloud subscriptions must be active. On the Citrix Cloud page, ensure that all the Citrix Cloud services are active.

  2. If you are using on-premises Citrix Virtual Apps and Desktops, you must add your sites to Citrix Workspace and configure site aggregation. Citrix Analytics automatically discovers the Sites added to Citrix Workspace. For more information, see Aggregate on-premises virtual apps and desktops in workspaces
    .

  3. If you are using a StoreFront deployment for your sites, configure your StoreFront servers to enable Citrix Workspace app to send user events to Citrix Analytics. Ensure that the StoreFront version is 1906 or later. If you do not configure the StoreFront server, Citrix Analytics fails to receive user events from on-premises Citrix Virtual Apps and Desktops. To configure StoreFront deployment, see the Citrix Analytics service
    article in the StoreFront documentation.

  4. The Citrix Virtual Apps and Desktops users and Citrix DaaS users must use the specified version of Citrix Workspace apps or Citrix Receiver on their end points. Otherwise, Analytics does not receive the user events from the user end points. The list of supported versions of Citrix Workspace app or Citrix Receiver is available in Citrix Virtual Apps and Desktops and Citrix DaaS data source
    .

  5. To receive the users events from a published Secure Browser session, enable the Hostname Tracking setting in the Secure Browser. By default, this setting is disabled. For more information, see Manage published secure browsers
    .

  6. Onboard your data sources as mentioned in the following articles:


Check 4- Are all data sources discovered and data processing enabled on Analytics?

Ensure that all your data sources are discovered and you have enabled data processing for them. If you do not enable data processing for a data source, the users using the data source are not discovered. This situation might create a potential security risk.

Enabling data processing ensures that Citrix Analytics is processing your user events. Events are sent to Citrix Analytics only when the users are actively using the data source.

Note

Citrix Analytics does not actively pull data from your environment.

To discover your data sources and enable analytics, do the following:

  1. Click Settings > Data Sources > Security to view your discovered data sources. Citrix Analytics automatically discovers the data sources that you have subscribed on your Citrix Cloud account.

    Data source page

  2. On the Data Sources page, the discovered data sources appear as site cards. By default, the data processing is off.

    Important

    Citrix Analytics processes your data after you have given your consent.

    Site cards

  3. Click Turn On Data Processing on the site card for which you want Citrix Analytics to process events. For example, on the Citrix Secure Private Access site card, click Turn On Data Processing.

    site card access

  4. After you have turned on data processing, Citrix Analytics processes the events for the data source. The status of the site card changes to Data processing on. You can view the number of users and the received events based on the selected time period.

    access events

  5. For all discovered data sources, follow the steps specified in Getting started
    to enable analytics.


Check 5- Are the user activities on the data source transmitting events accurately to Analytics?

Citrix Analytics receives user events from the data sources when the users are actively using the data sources. The users must perform some activities on the data source to generate events. For example, to receive events from the Content Collaboration data source, the Content Collaboration users must share, upload, or download some files.

Note

Citrix Analytics does not actively pull data from your environment.

If you do not see any user events in Citrix Analytics for your data source, there is a high probability that the users are not active at that moment.

To verify that Citrix Analytics accurately receives the user events, perform the following activity. This activity uses the Citrix Content Collaboration data source. You can perform a similar activity using other Citrix products (data sources) based on your subscription.

  1. Log on to the Citrix Content Collaboration service.

  2. Perform some usual user activities such as create folder, download files, uploads files, or delete files.

    User activity

  3. For example, create a Test folder.

    Test folder

  4. Upload some local files.

    Upload local files

  5. Delete some files in the folder.

    Delete file

  6. Go back to Citrix Analytics and view the Content Collaboration side card on the Data Source page. Citrix Analytics receives the user events from the Content Collaboration data source and displays on the site card.

    User events


Check 6: Are the virtual apps and desktops events transmitted to Analytics?

Some versions of Citrix Workspace app or Citrix Receiver client fail to send user events to Citrix Analytics. When users launch virtual apps and desktops through these clients, Citrix Analytics fails to discover the users until they perform the supported events.

For example, the Citrix Workspace app for Linux 2006 or later does not send the SaaS App Launch and SaaS App End events to Citrix Analytics. A user who launches a SaaS app using Citrix Workspace app for Linux is not discovered on Citrix Analytics.

Supported events

Refer to the following table to check the user events supported by each client version.

  • Yes- The event is sent by the client to Citrix Analytics.

  • No- The event is not sent by the client to Citrix Analytics.

  • NA- The event is not applicable for the client.

EventWorkspace app for Windows 1907 or laterWorkspace app for Mac 1910.2 or laterWorkspace app for Linux 2006 or laterWorkspace app for Android-Latest version available in Google PlayWorkspace app for iOS-Latest version available in Apple App StoreWorkspace app for Chrome-Latest version available in Chrome Web StoreWorkspace app for HTML5 2007 or later
Account LogonYesYesYesYesYesNoNo
Session LogonYesYesYesYesYesYesYes
Session LaunchYesYesYesYesYesYesYes
Session EndYesYesYesYesYesYesYes
App StartYesYesYesNoYesYesYes
App EndYesYesYesNoYesYesYes
File DownloadYesYesYesNoNoYesYes
PrintingNoYesYesNoNoYesYes
SaaS App LaunchYesYesNoNoNoNoNo
SaaS App EndYesYesNoNoNoNoNo
SaaS App URL NavigationYesYesNoNoNoNoNo
SaaS App Clipboard AccessYesYesNoNoNoNoNo
SaaS App File DownloadYesYesNoNoNoNoNo
SaaS App File PrintYesYesNoNoNoNoNo

Recommendation

To get the maximum benefits of Analytics, Citrix recommends the following:

  • Windows user: Connect to your Citrix Virtual Apps and Desktops and Citrix DaaS using Citrix Workspace app for Windows 1907 or later.

  • Mac user: Connect to your Citrix Virtual Apps and Desktops and Citrix DaaS using Citrix Workspace app for Mac 1910.2 or later.


Check 7- Are the user events appearing on the self-service search page in Analytics?

Perform this final check to ensure that the events are being transmitted accurately to Citrix Analytics.

  1. On the top bar, click Search to go to the self-service search page.

    Search tab

  2. Select the data source to view the corresponding search page and the events.

    Search page

  3. To view the data associated to the Content Collaboration events, select Content Collaboration from the list, select the time period, and then click Search.

    Search result

For more information, see Self-service search
.


Check 8- Are the users discovered by Analytics?

When events start flowing to Citrix Analytics, the users generating the events are discovered and shown on the Users dashboard. This process usually takes approximately a few minutes before you can view them on the dashboard.

  1. Click the Discovered Users link on the Users dashboard to view the complete list of users discovered by Citrix Analytics.

    Discovered users

  2. The Users page displays the list of all users discovered for the last 13 months. Select the time period to view the risk indicator occurrences.

    Discovered users page

If events are being transmitted successfully, your Citrix Analytics environment is performing as expected. Risk indicators are generated when anomalies are detected.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。
列表为空,暂无数据

词条统计

浏览:7 次

字数:21234

最后编辑:7 年前

编辑次数:0 次

    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文