Blog

Some time ago Citrix acquired Management Packs for SCOM. And, as often happens in IT, they did not continue the development and finally phased out the products in June 2020. In this article, you’re going to learn how to switch to uberAgent & Splunk and why that works so much better.

Welcome back to our four-part blog series about visualizing uberAgent data in Azure Monitor. So far you have learned the basics about Azure Monitor and the search language Kusto. You created your first Kusto search as well. Also, you learned that none of the built-in visualization options nor Grafana can compete with Splunk. This is…

Welcome back to our four-part blog series about visualizing uberAgent data in Azure Monitor. So far you have learned the basics about Azure Monitor and the search language Kusto. You created your first Kusto search as well. Also, you learned that none of the built-in visualization options can compete with Splunk. This is part three.

Welcome back to our four-part blog series about visualizing uberAgent data in Azure Monitor. In the first part, you learned the basics about Azure Monitor and the search language Kusto. You created your first Kusto search as well. This here is part two.

uberAgent ships with more than 60 Splunk dashboards to visualize its comprehensive data set. In addition to Splunk, uberAgent has been supporting Elasticsearch, Kafka, and Azure Monitor as alternative backends for a long time. While the data uberAgent sends to these backends is identical to the data sent to Splunk, we do not provide dashboards.

When humans need to identify an object in the digital world, the solution usually turns out to be a name that is “human-readable” and at the same time unique enough to allow for a sufficient amount of non-duplicate names. When it comes to machine names, unfortunately, macOS does not handle this solution very well. At least not by default.

Mozilla is constantly working on improving the security of the Firefox browser and its add-ons. While this is good in general, a recent policy change comes with a catch for enterprises.

Scheduled tasks are fantastic for hiding malware. There are multiple reasons for that: every Windows PC has a huge number of tasks, all of which are completely undocumented, there is no authentication mechanism for “good” tasks, and essential information is not available in the UI. Let us explore those caveats in more detail.

The other day I got a question from a customer if it is possible to monitor session activity with uberAgent. Of course, I thought! One has to just look at the session connection state which can be active, disconnected, etc. That is monitored by uberAgent very well. But when I thought about it further, I…

Is a browser just another app? Should Chrome, Firefox and Internet Explorer be monitored like Word, SAP and all the other business productivity tools? Or do browsers require special attention, dedicated features, specific support?

The wealth of data collected by uberAgent may initially be a little bit overwhelming. There are so many useful metrics that the hardest decision may be which one is the most useful. This post should help. We picked the top 10 issues we see in the field and we show how to pinpoint each one…

We put a lot of effort into making uberAgent a product that just works. Install it on your endpoints, point it to your Splunk backend and the dashboards immediately populate with these great metrics. That is just the way any (enterprise) software should work. Sometimes, however, you might get to a point where you want…

Splunk Enterprise and uberAgent is a winning combination to get visibility in end-user experience. However, for your lab or demo environment, Splunk Enterprise might be a little bit oversized. Gladly, we have Splunk Free as an alternative which gives you 500 MB indexing volume per day at no charge. Sadly, there is one feature that…

The size of user profiles is critical for logon performance, especially in SBC and VDI environments. Bloated profiles lead to slow logons and therefore unhappy users. Here is how to stay on track with your users’ profile sizes with uberAgent’s powerful script execution engine and Splunk.

Not too long ago it was next to impossible to determine a machine’s exact patch state. That changed with Microsoft’s move to the rollup model. Making patches exclusively available as cumulative monthly bundles enforces a linear update sequence, the current state of which can be represented by a single number, the UBR (update build revision).

As a good administrator, of course, you know at what speed your machines run because you have an eye on your CPU usage at any time – but do you? Modern CPUs do not make things easy.

GPUs, just like any other hardware, need to be sized properly. If there is unused capacity, money is being wasted. If, on the other hand, utilization is at maximum, the user experience is poor. Sizing requires information. In this case, about GPU usage, ideally per GPU engine and application. uberAgent delivers.

In addition to all the fuss around Spectre and Meltdown, there are several other security flaws which are worth mentioning. One of these is RDP session hijacking.

Would you like to find out which applications your users spend most of their time with? Which application versions are being run? How long ago applications were last used? You have come to the right place.

A new hire’s journey into the world of user experience monitoring. Hi, my name is Dominik Britz. I’m from Cologne, Germany and the latest team member of vast limits, the uberAgent company. I’d like to introduce myself, tell you why I’m here and what I’m going to do. I started my career as a consultant…

One of our customers wanted to identify users who launch a specific executable more often than n times in a given time range. That is easy to accomplish, given that uberAgent monitors process starts. This article describes multiple ways to query for that information.

uberAgent is often used in conjunction with Universal Forwarder, Splunk’s generic agent that monitors logs and collects the output from custom scripts. The combination of the two agents is a powerful one, as it allows customers to add any metric they require to uberAgent’s already rich dataset. However, running two agents side by side has…

I recently noticed a console window pop up for a fraction of a second on my desktop. About an hour later, it happened again. Random windows appearing out of nowhere is not something I like to see on my machines. Read on to learn how I investigated the issue.

One of the many things you come to love once you have used uberAgent for a little while is the fact that it is very application-centric. Applications are what really matters, not the individual processes they are comprised of. I will give you an example of that in this post.

Process whitelisting is an effective remedy against many types of malware. By allowing only known-good processes to run, you ensure that potentially malicious applications are blocked no matter where they came from. The difficulty with this approach lies with the creation of the whitelist. If you miss legitimate processes, applications break. Here is how uberAgent…

Citrix XenApp and other multi-user systems based on Remote Desktop Services host dozens or even hundreds of user sessions concurrently. Being able to reliably identify individual sessions and the processes running in them is a necessity for a variety of security, monitoring and capacity planning use cases. That is, however, much more difficult than it…

Agentless monitoring sounds great, but isn’t. Learn why a small footprint agent is superior. The Agentless Myths Agentless monitoring is the term often used for an architecture where the monitoring software does not require a component on the monitored endpoint. Instead, a centralized monitoring server queries the endpoints over the network. Myth #1: Agentless Exists…

One of the many cool things about uberAgent and Splunk is the ease with which you can extend the product and create your own reports. Splunk’s powerful search and report language is up to almost any conceivable task. Session Count per Data Center Many companies distribute their Citrix XenApp servers across two data centers. During…

uberAgent can tell you a lot about applications: performance, resource utilization and where and by whom they have been used. uberAgent’s dashboards show on how many different computers an applications was running, the number of instances per app version and the number of distinct users per app. But even with this wealth of built-in visualizations…

This post is part of a series of articles that highlight and explain specific aspects of uberAgent’s functionality. What is uberAgent? uberAgent is a Splunk agent for Windows end-user computing analytics focused on user experience and application performance. It provides deep insights into the user logon process, helps identify bottlenecks caused by slow backend systems…