Configure and view connection session recordings
Keeper Connection Manager supports automatic screen recording of each connection session. Recordings can be graphical video recordings of the connection, or (for certain connection protocols) typescript recordings which record only the text sent to the the client machine.
Read below about how to setup, configure, and view each session recording type.
Sessions of all supported protocols can be recorded graphically. These recordings take the form of Guacamole protocol dumps and are recorded automatically to a specified directory.
The simplest way to record user connection sessions and view them in the browser.
To configure connections for in-browser recording playback, enter the following special values in the "Screen Recording" section of the connection settings.
Recording Path / Typescript Path
These values tell the system to store recordings in a location and format that the in-browser viewer can play back.
If desired, graphical session recordings can be named with custom values, or saved to any desired location. This will require recording playback using the Glyptodon Session Recording Player.
The directory in which screen recording files should be created.
This parameter is required for graphical session recording to function.
The filename to use for any created recordings. This parameter is optional. If omitted, the value “recording” will be used instead.
This parameter only has an effect if graphical recording is enabled. If the "Recording Path" is not specified, graphical session recording will be disabled, and this parameter will be ignored.
It is recommended to utilize Keeper Connection Manager's dynamic credential pass-through to add the date, time, and other unique information to the recording name.
For example:
RDP Recording ${GUAC_USERNAME} - ${GUAC_DATE} : ${GUAC_TIME}
Will create recording files with the user's username, the session date and time in the name.
Keeper will never overwrite an existing recording. If necessary, a numeric suffix like “.1”, “.2”, “.3”, etc. will be appended to to avoid overwriting an existing recording. If even appending a numeric suffix does not help, the session will simply not be recorded.
Keeper Connection Manager session recordings can be viewed from within the user interface in the History tab of the settings screen. To view a recording, click the play icon on the far right. Any session of a connection that was setup with the settings above will have the icon. When the icon is clicked, the recorded session will load in the browser, and you can start playback by clicking anywhere on the screen.
Note: For a recording to be visible within the UI, it must satisfy one of the following criteria:
The recording is directly within the directory ${HISTORY_PATH} and has the filename ${HISTORY_UUID}.
The recording is directly within the directory ${HISTORY_PATH}/${HISTORY_UUID} (and may have any filename).
If a session recording contains key events, those events can now be viewed within KCM’s session recording player. Administrators can view an approximation of what would have been typed based on those events and perform a text-based search to find particularly interesting parts of a recording.
By Default, recordings do not contain key events. This must be enabled by an administrator when configuring the connection.
KCM session recordings display a histogram that shows the relative levels of activity within different parts of the recordings. The histogram shows the following levels of activities:
Visible events such as when the screen changes
keyboard events - user interactions with the keyboard
If checked, graphical output and other data normally streamed from server to client will be excluded from the recording, producing a recording which contains only user input events.
This parameter is optional. If omitted, graphical output will be included in the recording.
If checked, user mouse events will be excluded from the recording, producing a recording which lacks a visible mouse cursor.
This parameter is optional. If omitted, mouse events will be included in the recording.
If checked, user key events will be included in the recording.
This parameter is optional. If omitted, key events will be not included in the recording.
If checked the directory specified by "Recording Path" will automatically be created if it does not yet exist. Only the final directory in the path will be created - if other directories earlier in the path do not exist, automatic creation will fail, and an error will be logged.
This parameter is optional. By default, the directory specified by the recording path parameter will not automatically be created, and attempts to create recordings within a non-existent directory will be logged as errors.
Keeper Connection Manager graphical session recordings that were saved to a custom location can be viewed using the Keeper Connection Manager Session Recording Player at https://player.glyptodon.com
To view session recordings, click "Browse..." and select the recording in your file system. The recording will play in the browser.
The Keeper Connection Manager graphical session recording player does not send recordings over the internet. Recording files are translated to video locally on the browser.
The full, raw text content of terminal sessions, including timing information, can be recorded automatically to a specified directory. This recording, also known as a “typescript”, will be written to two files within the directory specified by the entered Typescript Path: NAME, which contains the raw text data, and NAME.timing, which contains timing information, where NAME is the value provided for Typescript Name.
This format is compatible with the format used by the standard UNIX script command, and can be replayed using compatible tools.
Typescript session recording can be configured for each connection in the Keeper Connection Manager connection settings
The directory in which typescript files should be created.
This parameter is required. Specifying this parameter enables typescript recording. If this parameter is omitted, no typescript will be recorded.
The base filename to use when determining the names for the data and timing files of the typescript.
This parameter is optional. If omitted, the value “typescript” will be used instead.
Each typescript consists of two files which are created within the directory specified by the Typescript Name: NAME, which contains the raw text data, and NAME.timing, which contains timing information, where NAME is the value provided for the Typescript Name parameter.
It is recommended to utilize Keeper Connection Manager's dynamic credential pass-through to add the date, time, and other unique information to the recording name.
For example:
SSH Typescript ${GUAC_USERNAME} - ${GUAC_DATE} : ${GUAC_TIME}
Will create recording files with the user's username, the session date and time in the name.
Guacamole will never overwrite an existing recording. If necessary, a numeric suffix like “.1”, “.2”, “.3”, etc. will be appended to NAME to avoid overwriting an existing recording. If even appending a numeric suffix does not help, the session will simply not be recorded.
If checked, the directory specified by "Typescript Path" will automatically be created if it does not yet exist. Only the final directory in the path will be created - if other directories earlier in the path do not exist, automatic creation will fail, and an error will be logged.
This parameter is optional. By default, the directory specified by "Typescript Path" will not automatically be created, and attempts to record typescripts in a non-existent directory will be logged as errors.
Recordings can be replayed using script. For example, to replay a typescript called “NAME”, you would run:
Recordings can be replayed using scriptreplay. For example, to replay a typescript called “NAME”, you would run:
