Using tools to gather external logins to the Citrix Farm
There are a variety of ways to distinguish internal and external users of your Citrix farm. The method we employ is to utilize the logging that’s part of any Citrix Secure Ticket Authority (STA) in your Citrix Farm. You can turn on logging on your designated STAs by following the information in this Citrix article: CTX101997. Turning this on gives us the following data in logs (located in %PROGRAMFILES%\Citrix\Logs\):
INFORMATION 2009/05/20:00:13:22 CSG1305 Request Ticket - Successful. A995AD36B87524A208BB23A804AC3110 V1 CSGTestData Thisistheextendeddata
INFORMATION 2009/05/20:00:13:22 CSG1303 Ticket timed out. A8478127C7971E4CD95C28FFD2B85BBE
INFORMATION 2009/05/20:00:13:23 CSG1305 Request Ticket - Successful. FF985D4B11DA3AE7B6CBBAA9CA833415 V1 CSGTestData Thisistheextendeddata
INFORMATION 2009/05/20:00:13:23 CSG1303 Ticket timed out. CDE1751C367B45506481C26727C3E6C1
INFORMATION 2009/05/20:00:13:23 CSG1305 Request Ticket - Successful. 19078A551F501BCC0F77E7361EE76CAD V1 CSGTestData Thisistheextendeddata
INFORMATION 2009/05/20:00:13:23 CSG1303 Ticket timed out. 414CB490647B8A2FCE023D66E7D0850E
and so on.
You will need to parse for a line like the following:
INFORMATION 2009/05/20:00:13:24 CSG1305 Request Ticket - Successful. 5C6C67EB127CFDB0821DC88CA1C10972 V4 CGPAddress = XXX.XXX.XX.XXX:2598:localhost:1494 Refreshable = false XData = <!--DOCTYPE CtxConnInfoProtocol SYSTEM "CtxConnInfo.dtd"-->XXX.XXX.XX.XXX:1494USER@DOM.COMRemote Desktop AccessICA ICAAddress = XXX.XXX
From the above line we can get the ticket status, the username, the published application, and the target server that hosts the application. When this is parsed and placed in a database, we can associate a time and date with the ticket creation and determine how long the user is logged in and what applications they are running.
To accomplish the data gathering, we use tools from InterSect Alliance like Epilog Agent for Windows to tail the stalog files. This raw data is then sent to a server running Kiwi SysLog. Kiwi parses the data (using a script) and then inserts it into a database table. We’ve found these tools to be inexpensive and to have low resource utilization.
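The parse-and-store step described above, as an added example in Python; it is not the Kiwi script or the database schema this post uses. The sample lines are constructed (documentation-range addresses, XData replaced by a placeholder), the function and table names are hypothetical, and treating V4 tickets as real connections and V1 as test data is an assumption drawn from the sample log.

```python
import re
import sqlite3
from datetime import datetime

# Constructed sample lines in the layout shown above; addresses are from the
# documentation range and the XData payload is a placeholder.
SAMPLE = [
    "INFORMATION 2009/05/20:00:13:22 CSG1305 Request Ticket - Successful. "
    "A995AD36B87524A208BB23A804AC3110 V1 CSGTestData Thisistheextendeddata",
    "INFORMATION 2009/05/20:00:13:22 CSG1303 Ticket timed out. "
    "A8478127C7971E4CD95C28FFD2B85BBE",
    "INFORMATION 2009/05/20:00:13:24 CSG1305 Request Ticket - Successful. "
    "5C6C67EB127CFDB0821DC88CA1C10972 V4 CGPAddress = 192.0.2.10:2598:localhost:1494 "
    "Refreshable = false XData = PLACEHOLDER ICAAddress = 192.0.2.10:1494",
    "garbage line that is not an STA record",
]

HEAD = re.compile(
    r"^(?P<level>[A-Z]+) (?P<ts>\d{4}/\d{2}/\d{2}:\d{2}:\d{2}:\d{2}) "
    r"(?P<event>CSG\d+) (?P<msg>.+?\.) (?P<ticket>[0-9A-F]{32})"
    r"(?: (?P<ver>V\d+) (?P<tail>.*))?$"
)
# Assumption: "Name = " only occurs as a field separator, never inside XData.
KEY = re.compile(r"(\w+) = ")

def parse_sta_line(line):
    """Return a dict for one STA log line, or None if it does not match."""
    m = HEAD.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%Y/%m/%d:%H:%M:%S")
    # re.split with one capture group yields [prefix, key1, val1, key2, val2, ...]
    parts = KEY.split(rec.pop("tail") or "")
    rec["fields"] = {k: v.strip() for k, v in zip(parts[1::2], parts[2::2])}
    return rec

def load_tickets(lines, db):
    """Store V4 ticket requests; skip test data, timeouts and unparsable lines."""
    db.execute("CREATE TABLE IF NOT EXISTS sta_ticket "
               "(ticket TEXT PRIMARY KEY, issued TEXT, ica_address TEXT, xdata TEXT)")
    for rec in filter(None, map(parse_sta_line, lines)):
        if rec["event"] == "CSG1305" and rec["ver"] == "V4":
            f = rec["fields"]
            db.execute("INSERT OR IGNORE INTO sta_ticket VALUES (?, ?, ?, ?)",
                       (rec["ticket"], rec["ts"].isoformat(sep=" "),
                        f.get("ICAAddress"), f.get("XData")))
    return db.execute("SELECT COUNT(*) FROM sta_ticket").fetchone()[0]
```

The XData value is stored as an opaque string because the sample line above does not show its internal structure; the username and published application would be pulled out of it in a later step.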
So, to sum up: external users connect to our Citrix farm, and the STA logs record when they connect, what they run, and what server they connect to. We parse the logs into a database and that gives us a real-time/historical record of the user’s use of our Citrix farm. Next post will cover gathering average telecommuting statistics from the Internet.
Green is in the news a lot lately. Its importance has risen as the economy has slowed and the promise of various virtualization technologies to be “green” or allow a company to be greener has fired up the marketing wings of the companies that sell these technologies. There are also a lot of ROI and savings reports that come along touting the economic advantages of virtualization. A recent article by Virtualization Rock Star Brian Madden notes the hidden costs of VDI, which can be applied to any virtualization endeavor.
So, you run a Citrix farm and provide access to remote users. Did you know that you’re contributing to the green economy and saving your users and company money? I intend to show you how to mesh your user login information with average costs and savings for telecommuting and display the results in a dashboard in real-time.
I’m planning on covering this series in 5 posts:
Part 1 – Using scripts to gather external logins to the Citrix Farm
Part 2 – Gathering average telecommuting statistics
Part 3 – Calculating savings and costs
Part 4 – Displaying how Green your Citrix farm is in real-time.
Since we had changed our front end to dual NetScalers (9010 Platinum edition) we ran into a problem delivering a certain application. Previously with MSAM (yes, we were one of 2 customers with that gem of a solution) we had 2 sets of servers with different session timeout settings to service internal and external users accessing the application. Users with an external IP (i.e. working from home) got routed to the external servers and vice-versa for internal.
Due to load balancing our connections internally with 2 other NetScalers, we found that the IP forwarded to the farm would be internal, thus making the load evaluator which routed external users useless. The only way we could find to resolve this was to move the VIP to an externally facing IP, thus our load evaluators would work and route users correctly again.
This brings me to the above picture. In all the years of managing Citrix, I’ve never changed the Access Control screen when publishing an application. Today, we all were looking at it and realized that it might have been a much simpler solution and would have resolved the issue quickly. That being said, it would have required us to publish 2 different versions of the application in such a way that it would not be obvious to our users.
I just wanted to share this since we all have moments when we cannot see the forest for the trees.