Changelog and Release Notes
- Browsers: uberAgent now determines UX metrics for SaaS and web apps in Firefox via a new extension. This complements the existing Chrome and IE extensions.
- Service: uberAgent now determines metrics for Citrix ADC (formerly NetScaler)
- Apache Kafka: uberAgent can now send the collected data to Apache Kafka via Confluent REST proxy
- Service: uberAgent now determines the window title of the active foreground window
- Service: uberAgent now reports the service display name as app name for svchost.exe instances hosting a single service (requires Windows 10 1703)
- Service: uberAgent’s session GUID is now stored in the registry for use in custom scripts
- Service: reverse DNS lookup with multiple names per IP address now prefers FQDNs over hostnames
- Browsers/IE add-on: the HTTP status code is now determined for page load events, too
- Data volume: added Splunk indexed data volume information per uberAgent index
- Log file: more detailed messages when the log file is rotated
- Log file: unconfigured metrics are logged to highlight a version mismatch between the agent and the configuration
- Licensing: Microsoft Azure AD domains are now supported for licensing
- Licensing: client/server license mismatch is now logged clearly
- Splunk: all scheduled searches in the Splunk dashboard app now have the setting “schedule_window = auto”. This helps the search scheduler operate more efficiently.
- Browsers/IE add-on: the field IsFrame is now determined correctly for webpages opened via command line, too
- Browsers/IE add-on: fixed incorrect PageLoadNetworkDurationMs calculation
- Browsers/Chrome extension: when the browser was started with an initial page from the commandline, the page load for the initial page was not determined due to timing issues
- Browsers/Chrome extension: various reliability improvements to the page load detection
- Blue screen monitoring: the first blue screen on an endpoint might not be picked up by the agent
- Logon monitoring: logon phases longer than approximately 7 minutes were shown to be much shorter than they really were
- GPU metrics: machine GPU compute values per engine could be higher than 100%
- Splunk: double quotes in fields sent as CSV were not escaped. This broke field extraction for the characters after a double quote; they were added to the field with the double quote. This would happen until either another double quote or the end of the event was reached.
- Splunk: odd numbers of backslashes at the end of fields sent as CSV were not escaped correctly. This caused the comma following the backslash not to be recognized as a delimiter.
- Splunk: double backslashes were not escaped correctly. This caused UNC paths to be displayed with a single leading backslash only.
- Splunk: added setting KV_MODE=auto_escaped to match the agent’s data format for KV sourcetypes
- Service: the agent service would shut down if an error occured during process snapshotting at service start
- Application versions: the AppVersion field of the sourcetype uberAgent:Application:ApplicationUsage might contain unwanted characters that were not present in other sourcetypes’ application version fields.
- Application versions: trailing dots and consecutive dots are now removed from application version fields
- Citrix licensing: the charts Licensing over time and Licenses might be empty
- Dashboards: dynamic adjustment of the timechart span to the selected time range did not work correctly
- Dashboard User Logoff Duration: fixed partially empty dashboard
- Service: Citrix metrics were not determined if non-Citrix metrics were configured later on in the same timer section
- Splunk: the minimum required Splunk version is now 6.3 (formerly 6.2)
- Splunk: there are now macros for each dataset’s datamodel. Using these macros exclusively in dashboards is highly recommended. Without these macros, future modifications to uberAgent’s data models would require changes to custom dashboards.
- Data models: separated inventory datasets in own uberAgent60m accelerated data model with the summarization period set to 60 minutes. This reduces the Splunk server load.
- Dashboards: changed SessionUser to SessionUserLower where applicable.
- Browser web app performance: when there are redirects during a page load, previously the original tab URL was displayed. Now, the final URL is determined instead.
- PE (executable) signatures: changed certificates; replaced dual-signing (SHA-1 + SHA-2) with SHA-2 only
- Service: UWP apps are now excluded in the sourcetype uberAgent:Application:UIDelay because the values were often unrealistically high
- Sourcetype uberAgent:System:MachineInventory has new fields: BIOSSerial and BaseboardSerial
- Sourcetype uberAgent:Session:SessionDetail has new field: SessionFgWindowTitle
- Sourcetype: new sourcetype uberAgent:CitrixADC:ApplianceInventory with fields: HostName, Version, License, Model, LicensingMode, HwDescription, SysId, ManufactureDay, ManufactureMonth, ManufactureYear, CpuFrequncy, SerialNo, EncodedSerialno, MACAddress, HostId, LastConfigSaveTime, Timezone, WeakPassword, SystemType, LastConfigChangedTime, LastStartupTime, CurrentHAStatus, LastHAStatusChange, SSLCards, SSLCardsUp
- Sourcetype: new sourcetype uberAgent:CitrixADC:AppliancePerformance with fields: HostName, NumCpus, MemSizeMB, MemUseInMB, MemUsagePcnt, MgmtCpuUsagePcnt, PktCpuUsagePcnt, Disk0PerUsage, Disk0Size, Disk0Used, Disk0Avail, Disk1PerUsage, Disk1Size, Disk1Used, Disk1Avail, ApplianceBytesReceived, ApplianceBytesSent
- Sourcetype: new sourcetype uberAgent:CitrixADC:Certificate with fields: HostName, CertName, CertFile, CertType, CertExpirationDate
- Sourcetype: new sourcetype uberAgent:CitrixADC:Gateway with fields: HostName, vServerName, PrimaryIpAddress, PrimaryPort, Type, State, TotalRequests, TotalResponses, RequestBytesRate, ResponseBytesRate, AuthLDAPPolicies, AuthRadiusPolicies, AuthSAMLPolicies, SessionPolicies, STAs, ResponderPolicies, RewritePolicies, Certificates, PortalTheme, SSL2, SSL3, TLS1, TLS11, TLS12, DiffieHellman, SSLProfile, SessionTimeout, Ciphers, CipherSuites
- Sourcetype: new sourcetype uberAgent:CitrixADC:Ip with fields: HostName, IpAddress, IpNetmask, IpType, IpvServer, IpMgmtAccess
- Sourcetype: new sourcetype uberAgent:CitrixADC:Service with fields: HostName, ServiceName, Protocol, PrimaryIpAddress, PrimaryPort, State, vServerName, ServiceMonitors
- Sourcetype: new sourcetype uberAgent:CitrixADC:ServiceGroup with fields: HostName, ServiceGroupName, Protocol, State, EffectiveState, vServerName, ServiceGroupMembers, ServiceGroupMonitors
- Sourcetype: new sourcetype uberAgent:CitrixADC:vServer with fields: HostName, vServerName, PrimaryIpAddress, PrimaryPort, Type, State, ActSvcs, TotHits, TotalRequests, TotalResponses, RequestBytesRate, ResponseBytesRate, VSLBHealth, RewritePolicies, ResponderPolicies, Certificates, SSL2, SSL3, TLS1, TLS11, TLS12, DiffieHellman, SSLProfile, SessionTimeout, Ciphers, CipherSuites
- Citrix Virtual Server Performance: in very rare cases the content of the field vServerName contains spaces in wrong places
- Citrix XA/XD Machines: when running the Citrix Virtual Delivery Agent on a Citrix Delivery Controller, some per-machine information is missing.
- IE add-on: metrics are not collected on page reload
- IE add-on: metrics are collected incompletely for the configured start page
- IE browser performance monitoring does not work if IE is running as a Citrix XenApp published application. It does work from published desktops, however.
- Boot duration: the metrics TotalBootTimeMs, MainPathBootTimeMs and PostBootTimeMs cannot be determined for every system boot.
- Update inventory: not all installed Windows updates may be reported due to API limitations