Session-Recording Setup

This section describes the procedures for setting up session recording.

When session recording is enabled, connection-specific audit events also provide:

  • Video playback. With SSH sessions you can search for keyword occurrences.

  • Transferred files.

  • Clipboard (RDP only).

  • Channel logs (SSH only).

To enable session recording for connections to a host:

  1. On the ​Administration→Hosts​ page, ​Edit​​ the host.

  2. Under Options​​, enable the setting ​Session Recording​​. Click ​Save​​ to apply your changes.

    Subsequent sessions to the host are recorded. You can view the playback and transferred files from the connection-specific audit events, available from ​Monitoring→Connections​​.

Session recordings should not be stored on PrivX servers as they may consume lots of disk space; you should configure PrivX to store session recordings on an external share instead (such as NFS or EFS). To set up external storage share for PrivX session recordings:

  1. On your external storage server, create a share for storing PrivX session recordings. The share must be a directory that satisfies the following:
  • The share must be mountable by all PrivX servers.

  • The share must be readable and writable by the ​privx​​ system user of every PrivX server.

  1. On each PrivX server, install any extensions required for mounting the external-storage share. For example, to mount NFS shares you will likely need to install ​nfs-utils​​; for SMB shares you will likely need ​cifs-utils​​. These extension packages are available from the RHEL/CentOS public repositories.

  2. On each PrivX server, mount the external share to a local directory. The directory path must be the same on all PrivX servers. To enable mounting the share on system startup, we recommend adding the mount directive to ​/etc/fstab​.

    To allow the GUI to display other connection logs when the NFS server is unavailable, mount the share with options like the following:

    soft
    timeo=10
    retry=1
    
  3. To configure PrivX with the new storage location, access the PrivX GUI, go to Administration→Settings→Global, and specify the location in Data folder.

    Save your changes, then restart PrivX services to apply the changes.

    📘

    Note

    PrivX generates keyframe data when opening RDP session recordings for the first time. Note that this may take up to several minutes for large RDP and web-connection trails. Also note that RDP session recording takes considerable storage space. For some rough estimates about space requirements, see Data Encryption.

    PrivX indexes session recordings when they are searched for the first time. Depending on the duration of the recording, the first search may take some time. SSH transcripts require roughly ten times the storage space compared to the original video recording.


Did this page help you?