XenServer

Data Governance

This article provides information regarding the collection, storage, and retention of logs by XenServer.

XenServer is a server virtualization platform that enables the customer to create and manage a deployment of virtual machines. XenCenter is the management UI for XenServer. XenServer and XenCenter can collect and store customer data as part of providing the following capabilities:

  • Telemetry - The telemetry functionality transmits basic licensing information about a XenServer pool. XenServer collects this basic licensing data as necessary for its legitimate interests, including license compliance.

  • Server status reports - A server status report can be generated on-demand and uploaded to Citrix Insight Services or provided to Support. The server status report contains information that can aid in diagnosing issues in the your environment.

  • Automatic updates for the Management Agent - The Management Agent runs within VMs hosted on a XenServer host or pool. If the server or pool is licensed, the Management Agent can check for and apply updates to itself and to the I/O drivers in the VM. As part of checking for updates, the automatic update feature makes a web request to Cloud Software Group that can identify the VM where the Management Agent runs.

  • XenCenter check for updates - This feature determines whether any hotfixes, cumulative updates, or new releases are available for the XenServer hosts and pools XenCenter manages. As part of checking for updates, this feature makes a web request to Citrix that includes telemetry. This telemetry is not user-specific and is used to estimate the total number of XenCenter instances worldwide.

  • XenCenter email alerts XenCenter can be configured to send email notifications when alert thresholds are exceeded. To send these email alerts, XenCenter collects and stores the target email address.

Telemetry information received by Cloud Software Group is treated in accordance with our Agreements.

Telemetry

The XenServer telemetry functionality collects basic licensing information about your XenServer pools.

When you install XenServer, your pool coordinator gathers telemetry data and uploads it weekly to a Microsoft Azure Cloud environment located in the United States. This data does not identify individuals or customers and is sent securely over HTTPS on port 443 to https://telemetry.ops.xenserver.com/. No information other than the four elements identified below is collected or transmitted.

Access to this data is restricted to members of the XenServer Operations and Product Management teams.

Telemetry information received by Cloud Software Group is treated in accordance with our Agreements.

Telemetry collected

For each XenServer pool, the pool coordinator collects the following data:

Data collected Description
UUID A random unique ID for the telemetry data of this pool. This UUID is not the same as the pool UUID or any other existing identifier. It is not collected in server status reports.
Product version The version of XenServer installed in this pool.
Sockets (per host) The number of sockets this host has.
Edition (per host) The type of license on this host.

This data does not identify individuals or customers and contains no personally identifiable information.

Viewing the telemetry data

The data that XenServer submits is logged on your pool coordinator in /var/telemetry/telemetry.data. This file is not collected in the server status logs.

Server status reports

During the course of operation a XenServer host collects and logs various information on the server where XenServer is installed. These logs can be collected as part of a server status report.

A server status report can be generated on-demand. You can upload these reports to Citrix Insight Services or provide them to Support. The server status report contains information that can aid in diagnosing issues in your environment.

Server status reports that are uploaded to Citrix Insight Services are stored in Amazon S3 environments located in the United States.

XenServer and XenCenter collect information from the following data sources:

  • XenCenter
  • XenServer hosts and pools
  • Hosted VMs

You can select which data items are included in the server status reports. You can also delete any server status reports that are uploaded to your MyCitrix account on Citrix Insight Services.

Citrix Insight Services does not implement an automatic data retention for server status reports uploaded by the customer. The customer determines the data retention policy. You can choose to delete any server status reports that are uploaded to your MyCitrix account on Citrix Insight Services.

Data collected

A server status report can contain the following log files:

Log type Contains PII?
device-model yes
fcoe yes
firstboot yes
network-status yes
process-list yes
xapi yes
xenserver-databases yes
control-slice maybe
disk-info maybe
hardware-info maybe
high-availability maybe
host-crashdump-logs maybe
kernel-info maybe
loopback-devices maybe
message-switch maybe
multipath maybe
system-logs maybe
v6d maybe
xapi-clusterd maybe
xapi-debug maybe
xcp-rrdd-plugins maybe
xen-info maybe
xenopsd maybe
xenserver-config maybe
xenserver-install maybe
xenserver-logs maybe
xha-liveset maybe
yum if customized
network-config if customized
cron if customized
blobs no
block-scheduler no
boot-loader no
conntest no
CVSM no
pam no
system-services no
tapdisk-logs no
VM-snapshot-schedule no
xapi-subprocess no
xen-bugtool no
xenserver-domains no

Management Agent automatic updates

The Management Agent runs within VMs hosted on a XenServer host or pool. If the host or pool is licensed, the Management Agent can check for and apply updates to itself and to the I/O drivers in the VM. As part of checking for updates, the automatic update feature makes a web request to us that can identify the VM where the Management Agent runs.

The web logs captured from the requests made by the Management Agent automatic updates feature are located in a Microsoft Azure Cloud environment located in the United States. These logs are then copied to a log management server in the United Kingdom.

The web requests made by the Management Agent automatic updates feature are made over HTTPS. Web log files are transmitted securely to the log management server.

You can select whether your VM uses the Management Agent automatic update feature. If you choose to use the Management Agent automatic update feature, you can also choose whether the web request includes the VM identifying information.

Web logs containing information from web requests made by the Management Agent automatic updates feature and the XenCenter check for updates feature can be retained indefinitely.

Data collected

The Management Agent automatic updates web requests can contain the following data points:

Data collected Description What we use it for
IP address The IP address of the VM where the Management Agent is installed  
VM UUID A unique user ID for the VM where the Management Agent is installed  

XenCenter check for updates

This feature determines whether any hotfixes, cumulative updates, or new releases are available for the XenServer hosts and pools XenCenter manages. As part of checking for updates, this feature makes a web request to Cloud Software Group that includes telemetry. This telemetry does not personally identify users and is used to estimate the total number of XenCenter instances worldwide.

The web logs captured from the requests made by the XenCenter check for updates feature are located in a Microsoft Azure Cloud environment located in the United States. These logs are then copied to a log management server in the United Kingdom.

The web requests made by the XenCenter check for updates feature are made over HTTPS. Web log files are transmitted securely to the log management server.

The XenCenter check for updates feature is enabled by default. You can choose to disable this feature.

Data collected

The check for updates feature web requests contain the following data points:

Data collected Description What we use it for
IP address The IP address of the XenCenter host machine  
XenCenter version The version of XenCenter making the request  

XenCenter email alerts

XenCenter can be configured to send email notifications when alert thresholds are exceeded. To send these email alerts, XenCenter collects and stores the target email address.

The email address that XenCenter uses to send email alerts is stored on the machine where you installed XenCenter.

You can delete email alerts configured in XenCenter to remove the stored email information.

XenCenter retains the email information used to provide email alerts for the lifetime of the email notification. When you delete the configured email alert, the data is removed.

Data collected

To provide email alerts XenCenter stores the following data points:

Data collected Description What we use it for
Email address The email address for alerts To send alert and notification emails to
SMTP server The SMTP server to use To route the email alerts to the recipient
Data Governance