Citrix Scout gives IT admins tools to enable proactive maintenance and diagnostics on Citrix Virtual Apps and Desktops deployments. Its comprehensive, automated analysis of diagnostics collections through Citrix Insight Services enables admins to troubleshoot issues, either on their own or with guidance from Citrix Support.

One of the top requests I get as a product manager for Citrix Scout is for the capability to mask the data and logs being captured by Scout to remove any environment-specific variables like machine names and usernames.

Now, with the Citrix Virtual Apps and Desktops 2003 release, we’re offering data masking capabilities within Scout. For LTSR deployments, new Scout features will be included in upcoming Cumulative Update (CU) releases. When Scout is launched in the data-masking mode, new options are presented to the admin to allow masking sensitive data in the Scout bundle (log files, environment information, files etc.) before uploading them to Citrix. This is exciting news for organizations who are continuously looking for new ways to secure their information as it is being shared. The following data elements are masked from the Scout bundle:

  • IP address
  • Machine name
  • Domain name
  • Username
  • Hypervisor name
  • Machine Catalog name
  • Delivery group name
  • Application name
  • SID

Collecting New Logs with Masking

To launch Scout in data masking mode, an admin needs to launch ScoutUI.exe with the “datamasking” command line parameter.

Launch Scout with data masking mode enabled

After Scout is launched, the next step is to create the Scout bundle. There are two options available to create the Scout bundle:

  • Collect diagnostics from controllers, VDA, and more. Admins can run diagnostics on a collection of machines and upload the file containing the collection to Citrix or save it locally.
  • Trace and reproduce issues and collect diagnostics. With this feature, users can easily collect all relevant traces for reproducible issues and use it for analysis or provide to Citrix for assistance.

After the admin creates the Scout bundle, they get a configuration screen for data masking. Here the admin can customize the target strings that would be used for the masking operation. Defaults are already provided, and updating the masking strings is optional.

Data masking options

On completion of the masking operation, Scout provides the following:

  • Original Scout bundle
  • Masked Scout bundle
  • Mapping file
Links to the original bundle, masked bundle and the mapping information

The mapping file is provided as JSON, which details all the translations that were performed.

Sample of the JSON mapping file showing the original and replacement strings

Masking Existing Logs

The data mapping feature can also be used for existing Scout bundles. For masking existing bundles, ScoutUI.exe needs to be launched with the “datamasking” command-line parameter and the location of the original bundle.

Data masking for existing Scout bundles

This launches Scout and lands the admin directly on the data masking options screen.

Learn More

With the data masking feature, security-sensitive customers have an option to anonymize the Citrix Scout bundle before sharing with Citrix support staff and others. Read the product documentation to learn more about Citrix Scout and the data masking feature.