Citrix Cloud Analytics

Citrix Cloud Analytics solutions facilitate organizations to detect and deflect potential threats and instantly address performance issues long before security incidents occur, or employees begin to submit help desk tickets. Citrix Analytics for Security continuously assesses the behavior of Citrix Virtual Apps and Desktops users, Citrix DaaS (formerly Citrix Virtual Apps and Desktops service) users, and Citrix Workspace users. It applies actions to protect sensitive corporate information.

Netsurion dashboard and reports will provide information about possible attacks, suspicious activities, or any other threat noticed in user activities based on the user’s risk score.

For a new instance, integrate Citrix Cloud Analytics with Netsurion by streaming the logs to Logstash and then to Netsurion using a syslog extension from Logstash.

Configure the alerts, dashboards, and reports into Netsurion once configured to deliver events to the Netsurion Manager.

Alerts

Type Name Description
Security Citrix Cloud Analytics - User risk score change and suspicious activities detected This alert is triggered when the following events occur.
  • Change in user’s risk score: If there is a change in a user’s risk score (that is, an increase or decrease in the risk score) based on user activity.
  • Detection of suspicious activities: If there is a summary of the event that indicates a threat or risk based on user activity.

Reports

Type Name Description
Security Citrix Cloud Analytics - User risk score activities This report delivers detailed information on the increase and decrease of the user risk scores. It includes username, risk score value changes (difference between earlier and current risk score), and more.
Security Citrix Cloud Analytics - User profile summary This report provides a detailed summary of user data usage, location, and device access information.
Security Citrix Cloud Analytics - User risk activities summary This report summarizes any suspicious activities or threats linked to a user. It comprises user details, threat type, the severity of the threat, risk probability, and other events occurrence details.

Documentation

The configuration details are consistent with Netsurion version 9.3 and later, and Citrix Analytics.

Download Integration Guide and How-to Guide for more information and to configuration instructions.

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our Privacy Statement to learn more.

I Accept