I notice in the Session:SessionDetail:Users there is SessionClientTypeCtx, which has values in the doco of WI and ICA Client. In my results I am seeing WI and SSP; I am guessing SSP is the Storefront App and WI is Receiver for Web.
We have a number of users connecting via a Netscaler Gateway and in the Citrix Studio we can see the metric ConnectedViaIP; all the users who are connected remotely via the Netscaler Gateway are showing an IP address for this attribute, which lets us run a PowerShell command on the Studio to show total number of users connected via the Gateway (Remote Access).
Command for reference:
(Get-BrokerSession -AdminAddress <deliverycontrollerFQDN> -ConnectedViaIP <Gateway IP Address> -maxrecordcount 5000 | select UserUPN -Unique).count
I am using the following in uberAgent to count the number of remote users since all users who are remote are coming in via Receiver for Web (WI):
| pivot `uA_DM_Session_SessionDetail_Users` Session_SessionDetail_Users
filter SessionClientTypeCtx is "WI"
I use User since a single user might have multiple sessions, e.g. a main set of applications running on one VDA and a more specialized app running on its own server, which would give extra numbers of remote users if I were to split using SessionGUID.
Is the ConnectedViaIP metric available in the uberAgent splunk data?
Thanks and Regards,