Administrator Logging 编辑
Administrator Logging
Session Recording Administrator Logging logs the following activities:
Changes to recording policies and event logging policies on the Session Recording Policy Console or Citrix Director.
Changes in Session Recording Server Properties.
Downloads of recordings in the Session Recording Player.
Recording a session by Session Recording after policy query.
Unauthorized attempts to access the Administrator Logging service.
Warning:
Editing the registry incorrectly can cause serious problems that might require you to reinstall your operating system. Citrix cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk. Be sure to back up the registry before you edit it.
Disable or enable Administrator Logging
After installation, you can disable or enable the Session Recording Administrator Logging feature in Session Recording Server Properties.
- As an administrator, log on to the machine where Session Recording Administrator Logging is installed.
- From the Start menu, choose Session Recording Server Properties.
- Click the Logging tab.
When Session Recording Administrator Logging is disabled, no new activities are logged. You can query the existing logs from the web-based UI.
When mandatory blocking is enabled, the following activities are blocked if the logging fails. A system event is also logged with an Event ID 6001:
- Changes to recording policies on the Session Recording Policy Console or Citrix Director.
- Changes in Session Recording Server Properties.
The mandatory blocking setting does not impact the recording of sessions.
Configure an Administrator Logging service account
By default, Administrator Logging is running as a web application in Internet Information Services (IIS), and its identity is Network Service. To enhance the security level, you can change the identity of this web application to a service account or a specific domain account.
- As an administrator, log on to the machine hosting the Session Recording Server.
- In IIS Manager, click Application Pools.
- In Application Pools, right-click SessionRecordingLoggingAppPool and choose Advanced Settings.
- Change the attribute identity to the specific account that you want to use.
- Grant the db_owner permission to the account for the database CitrixSessionRecordingLogging on the Microsoft SQL Server.
- Grant the read permission to the account for the registry key at HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\SmartAuditor\Server.
Disable or enable the recording action logging
By default, Administrator Logging logs every recording action after the policy query completes. This case might generate a large amount of loggings. To improve the performance and save the storage, disable this kind of logging in Registry.
- As an administrator, log on to the machine hosting the Session Recording Server.
- Open the Registry Editor.
- Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\SmartAuditor\Server.
Set the value of EnableRecordingActionLogging to:
0: disable the recording action logging
1: enable the recording action logging
Query the Administrator Logging data
Session Recording provides a web-based UI to query all Administrator Logging data.
On the computer hosting the Session Recording Server:
- From the Start menu, choose Session Recording Administrator Logging.
- Type the credentials of a LoggingReader user.
On other computers:
- Open a web browser and visit the webpage for Administrator Logging.
- For HTTPS:
https://servername/SessionRecordingLoggingWebApplication/
, whereservername
is the name of the machine hosting the Session Recording Server. - For HTTP:
http://servername/SessionRecordingLoggingWebApplication/
, whereservername
is the name of the machine hosting the Session Recording Server.
- For HTTPS:
- Type the credentials of a LoggingReader user.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论