The VMware Horizon Recording feature allows administrators to record desktop and application sessions to monitor user behavior for Linux remote desktops and applications.

Administrators can observe a user's exact keystrokes, pointer and mouse activity, and other user behavior in a recorded desktop or application session. In addition to providing greater security and auditing for user behavior, recording also helps with troubleshooting and reproducing issues the user experiences during a session. Administrators can play back, store, and audit the recordings.

When a user logs in, Horizon Recording starts automatically, displaying the default message Your session is being recorded in accordance with security policies. The recording runs if the session is in a connected state. Recording stops when the user logs out or disconnects. If the user changes the screen resolution of the desktop or application session, Horizon Recording creates a new segment of the recording. Recording file sizes vary based on the duration of the connected session. Recordings are stored in MP4 format and can be downloaded to play in a local player or viewed in the Horizon Recording web console.

Components

Horizon Recording for Linux consists of the following components:
  • Horizon Recording Server: Collects information about the session and raw recording data for storage and playback.
  • Horizon Recording Agent for Linux: Records a user session, registers the session with the Horizon Recording Server, and uploads recording data.

These components are available for VMware Horizon 8 2306 and later. Installation files are available on VMware Customer Connect.

Note: Like certain other Horizon 8 features, this feature is not available for every subscription. For more information, see VMware Horizon Subscription Feature comparison.

Horizon Recording Web Console

After you install the Horizon Recording Server (see the next section of this article), you can access the Horizon Recording web console at https://<localservername>:9443.

The web console displays the following:
  • Dashboard includes a list of recent recordings, the server, database, and folder where recordings are stored, and recording information such as start time, duration, size, and state. You can lock, unlock, and delete recordings.
  • Recordings includes a list of all recordings with information such as name, launched resource, location, start and end dates, start time, duration, size, and state. You can lock, unlock, and delete recordings.
  • Audit Trial tracks all user actions in the user interface.

Install the Horizon Recording Server

Install the Horizon Recording Server component on a machine to collect information about the session and raw recording data for storage and playback.

The Horizon Recording Server component consists of these items:
  • A database for session information storage and configuration
  • A Windows NTFS folder for recording storage
  • A web service for collecting recording data, administration, and playback

You can deploy the Horizon Recording Server as a standalone setup where the server is installed on a machine that leverages a local SQLite database stored in the installation directory as local.db and a local NTFS folder.

You can also deploy the Horizon Recording Server in a high availability environment using multiple servers behind a load balancer, leveraging Microsoft SQL or PostgreSQL databases, and a shared NTFS folder on all servers for storing recording data. Load balancers configured with L4 load distribution are supported.

Minimum Server Resource Requirements (required to support 2,000 active recordings)
Resource Minimum Value
CPU 4 vCPU
Memory 8 GB
Free Disk Space 20 GB
Note: This depends on the type of applications the user runs in the session and also the frame change rate. You must monitor usage and add extra disk space as required.
Note: The Horizon Recording Server is built in .Net Core and requires a 64-bit Windows Server operating system that is a member of the domain if you use group extraction. The server operating system must be Windows Server 2016 or later (64-bit).

To install the Horizon Recording Server, perform the following steps.

  1. Download the HorizonRecordingServer.exe file and copy it to a local folder on the server.
  2. Run the installer and follow the steps. Default credentials are shown below.

    User name/Password: administrator/Recording123

    The server is now available through the Horizon Recording web console: https://<localservername>:9443
  3. Manually secure the recordings folder permissions so that only the recording server's active directory accounts have access to the folder to add, modify, or delete recordings.
  • To uninstall the Horizon Recording Server, use Add Remove Programs (appwiz.cpl) to remove the Horizon Recording server binaries and then delete the following components manually:
    • The local database file (local.db) in installation directory
    • The logs located in C:\programdata\VMware\Horizon Recording
    • Local recordings located in installation directory\Recordings
  • To reset the installation:
    1. Stop the Horizon Recording service.
    2. Delete the Recordings folder from the installation directory.
    3. Delete the servicesettings.json file and the local.db file from the installation directory.
    4. Start the Horizon Recording service.

    The servicesettings.json and local.db files are recreated afresh.

Requirements for the Horizon Recording Agent for Linux

Horizon Recording is supported on machines running the following Linux distributions:
  • RHEL 8.x/9.x
  • Rocky Linux 8.x/9.x
  • RHEL/CentOS 7.9
  • Ubuntu 20.04/22.04
  • Debian 10.x/11.x
  • SLED/SLES 15 SP4

Install the Horizon Recording Agent component on all Linux machines where you want to record sessions.

Note: You must install Horizon Agent on the machine before installing the Horizon Recording Agent component.
Minimum Resource Requirements
Resource Minimum Value (Single-session desktops/applications) Minimum Value (Multi-session desktops/applications - 50 sessions)
CPU 2 vCPU 40 vCPU
Memory 2 GB 48 GB
Free Disk Space 5 GB
Note: This depends on the type of applications the user runs in the session and the frame change rate. You must monitor usage and add extra disk space as required.
50 GB
Note: This depends on the type of applications the user runs in the session and the frame change rate. You must monitor usage and add extra disk space as required.
Additional System Requirements
  • Horizon 8 2306 or later
  • Port 9443 allowed in the firewall inbound rules on the Horizon Recording Server

The installer for the Horizon Recording Agent for Linux is available in two different formats:

  • Tarball installer
  • RPM installer

Run the Tarball Installer for Horizon Recording Agent

  1. Install Horizon Agent on the Linux machine. See Install Horizon Agent on a Linux Virtual Machine.
  2. Download the Horizon Recording Agent tarball package to a local directory on the agent machine.
  3. Unpack the tarball.
    tar zxvf Horizon.Recording.Linux.Agent-x.x.x.x.tar.gz
  4. Navigate to the tarball directory and run the appropriate installation command based on the type of resource pool that you plan to create from the agent machine.
    Pool Type Command

    Instant-clone or full-clone pool

    (Append the -t parameter)

    sudo ./install.sh -u https://<Horizon Recording Server IP>:9443 -n <username> -p <password> -t

    Manual pool

    (Do not append the -t parameter)

    sudo ./install.sh -u https://<Horizon Recording Server IP>:9443 -n <username> -p <password>
    Note: The -t parameter ensures that all clones created from the machine will have the Horizon Recording Agent installed and configured. For a description of all the required and optional parameters that you can include in the installation command, see Installer Parameters for the Horizon Recording Agent.

Run the RPM Installer for Horizon Recording Agent

  1. Install Horizon Agent on the Linux machine. See Install Horizon Agent on a Linux Virtual Machine.
  2. Download the Horizon Recording Agent RPM package to a local directory on the agent machine.
  3. Run the command to install the RPM package.
    sudo rpm -ivh ./HorizonRecording.Linux.Agent-x.x.x.x.rpm
  4. Locate rpminstall.sh in the /usr/lib/vmware/horizonrecording/ directory. Continue the installation and configuration process by running the appropriate installation command based on the type of resource pool that you plan to create from the agent machine.
    Pool Type Command

    Instant-clone or full-clone pool

    (Append the -t parameter)

    sudo /usr/lib/vmware/horizonrecording/rpminstall.sh -u https://<Horizon Recording Server IP>:9443 -n <username> -p <password> -t

    Manual pool

    (Do not append the -t parameter)

    sudo /usr/lib/vmware/horizonrecording/rpminstall.sh -u https://<Horizon Recording Server IP>:9443 -n <username> -p <password>
    Note: The -t parameter ensures that all clones created from the machine will have the Horizon Recording Agent installed and configured. For a description of all the required and optional parameters that you can include in the installation command, see Installer Parameters for the Horizon Recording Agent.

Installer Parameters for the Horizon Recording Agent

These installer parameters apply to each of the following installer scripts:

  • install.sh from the tarball package
  • rpminstall.sh from the RPM package
Table 1. Required Parameters for the Horizon Recording Agent Installer Script
Required Parameter Description

--uri

-u

The session recording url, including https://.

--username

-n

The user name for authenticating to the server.

--password

-p

The password for authenticating to the server.
Table 2. Optional Parameters for the Horizon Recording Agent Installer Script
Optional Parameter Description

--help

-h

Display the help for using the installer script.

--trusted-ssl-certificate

-s

The trusted SSL certificate thumbprint.

Examples of supported formats:

59 2C E2 BD 6F 44 09 7F BF 8C 0F DA 66 6A 1C 3C 38 90 BE 24
C8:E1:BD:B3:6F:22:E9:EA:60:35:19:D7:E0:F5:42:15:33:85:67:16

--template

-t

Ensures that all instant clones or full clones created from the machine will have the Horizon Recording Agent installed and configured.

Repair the Horizon Recording Agent Connection

You can perform the steps described in this section if you face one of the following scenarios:

  • The Horizon Recording Agent loses its trusted connection with the Horizon Recording Server.
  • The Horizon Recording Agent requires registration with a new Horizon Recording Server.

The following procedure re-registers the trusted connection between the Horizon Recording Agent and the Horizon Recording Server.

  1. On the agent machine, stop the horizonrecording.service daemon.
    systemctl stop horizonrecording.service
  2. Run the appropriate registration command based on the type of resource pool created from the agent machine.
    Pool Type Command

    Instant-clone or full-clone pool

    (Append the -t parameter)

    sudo /usr/lib/vmware/horizonrecording/Horizon.Recording.xAgent.worker -register -url="https://<Horizon Recording Server IP>:9443" -username=<username> -password=<password> -thumbprint="<Horizon Recording Server Certificate Thumbprint>" -t

    Manual pool

    (Do not append the -t parameter)
    sudo /usr/lib/vmware/horizonrecording/Horizon.Recording.xAgent.worker -register -url="https://<Horizon Recording Server IP>:9443" -username=<username> -password=<password> -thumbprint="<Horizon Recording Server Certificate Thumbprint>"
    Note: For a description of all the required and optional parameters that you can include in the registration command, see Installer Parameters for the Horizon Recording Agent.

Horizon Recording Agent Logs

The Horizon Recording Agent saves activity logs to the /var/log/vmware/horizonrecording directory.

You can increase the logging detail by changing the minimum log level to "Trace".

Note: Since the Horizon Recording Agent logs can increase rapidly in file size, it is recommended that you increase the logging detail only for troubleshooting purposes.
  1. Modify the /usr/lib/vmware/horizonrecording/Nlog.config file as follows:
    <logger name="*" minlevel="Trace" writeTo="ServiceLogging" />
  2. To make the changes take effect, restart the horizonrecording.service daemon.
    systemctl restart horizonrecording.service

Upgrade the Horizon Recording Server

Before upgrading the Horizon Recording Server, do the following:
  • Confirm that there are no active recordings.
  • Create a backup of the Recordings folder, the servicesettings.json file, and the local.db (if you are using SQLite for the database).

To upgrade the Horizon Recording Server, perform the following steps.

  1. Download the HorizonRecordingServer.exe file.
  2. Copy the HorizonRecordingServer.exe file to a local folder on the server.
  3. Run HorizonRecordingServer.exe.
Note the following:
  • By default, the server is upgraded in the same C:\Program Files\VMware\Desktop Recording Server folder.
    • If you change the upgrade location to a new folder, the configuration is not retained, and is treated as a fresh installation. As a result, you cannot access or play back the old recordings from the web console after the upgrade.
    • If you do not change the default location, then all the configurations are retained, and you can access and play back the recordings from the web console after the upgrade.
  • After the upgrade, the log location for the server changes to a new C:\ProgramData\VMware\Horizon Recording folder. The old logs are still available in C:\ProgramData\VMware\Horizon Desktop Recording.

Upgrade the Horizon Recording Agent

Before upgrading the Horizon Recording Agent, confirm that there are no active recordings on the agent.

Note: It is recommended that you upgrade the server before upgrading the agent.

To upgrade the Horizon Recording Agent, follow the procedure for your installer type.

To upgrade Horizon Recording Agent using the tarball installer

  1. Download and run the tarball installer for the new version of Horizon Recording Agent. For detailed instructions, see Run the Tarball Installer for Horizon Recording Agent.
  2. Restart the agent machine to apply the changes.

To upgrade Horizon Recording Agent using the RPM installer

  1. Download the RPM installer package for the new version of Horizon Recording Agent and save the installer to a local directory on the agent machine.
  2. Run the command to install the RPM package in upgrade mode.
    sudo rpm -Uvh HorizonRecording.Linux.Agent-x.x.x.x.rpm
  3. Restart the agent machine to apply the changes.

Uninstall the Horizon Recording Agent

If you need to remove the Horizon Recording Agent from the agent machine, use the applicable uninstallation command.

  • Tarball installer:
    sudo /usr/lib/vmware/horizonrecording/uninstall.sh
  • RPM installer:
    sudo rpm -e HorizonRecording.Linux.Agent-x.x.x.x