Citrix CTP Alum John Smith spent more than a decade running Citrix infrastructure at organizations such as the U.S. Centers for Disease Control and McKesson, so he understands the pressures that these VDI administrators face. Still, he says that as a Solutions Architect at ExtraHop, he has been shocked to see how uniformly organizations suffer from staffing shortages. “Most teams that run Citrix infrastructure are operating on skeleton crews by choice or necessity,” he says.

What if there were a solution that could automatically detect performance issues and respond, saving the Citrix admin from having to get involved?

Enter ExtraHop and Octoblu.

The ExtraHop wire data analytics platform acts as the eyes and ears for the environment and Octoblu serves as the enterprise automation hub that orchestrates actions on behalf of the Citrix team.

In a recent CUGC Connect webinar, John and Citrix IoT Engineering Director, Chris Matthieu, explained why automation is the way forward for over-burdened Citrix teams. They advocate using ExtraHop and Octoblu in conjunction—a combination they dub “ExtraBlu”—and demonstrate how it works with a “virtual help desk” scenario.

>> Watch the webinar, ExtraBlu: When Open Platforms Collide!

Screen capture of ExtraHop and Octoblu integration
Octoblu makes it easy to orchestrate automation based on events detected by ExtraHop.

Automation Example: “Virtual Help Desk” Workflow

In the ExtraBlu webinar, John demonstrates a “virtual help desk” workflow that automatically sends an email to a user experiencing Citrix latency. He explains that latency is frequently escalated as a Citrix issue, but often has to do with the user’s local network conditions, such as a broken access point or slow Wi-Fi at a Starbucks. In these cases, there is nothing that the Citrix team can do other than providing some guidance.

The Octoblu workflow (see the screen shot above) begins with a trigger from ExtraHop that contains key details, such as user name, subnet mask, client IP address, and client version. Octoblu then automatically generates an alert sent to the operations team Slack channel with these details, and also an email to the user, informing them that the Citrix is aware of the issue and suggest solutions.

This type of automation enables the Citrix team to act proactively and get ahead of the issue before it gets escalated or they find out in a meeting three weeks afterward. Similarly, you can send automatic emails to application owners or database teams based on behavior observed on the network.

Matthieu envisions even more robust scenarios. “As ExtraHop identifies events, instead of just rebooting a server, you could spin up an entirely new cluster using a CLM (Citrix Lifecycle Manager) bluprint, and then have Netscaler bind IP addresses to the new cluster. This is the ability to monitor and react in real time, or DevOps on steroids,” he says.

John has also recorded several videos of other ExtraBlu integrations he has built, including:

  • ExtraBlu: Using ExtraHop and OctoBlu as a Virtual Helpdesk
  • ExtraBlu: Sending User Experience Warnings to your #Slack channel
  • ExtraBlu: Tracking malicious DNS queries in Real Time
  • ExtraBlu: Leveraging ExtraHop and OctoBlu to check for malicious flash content

Ready to get started? Sign up at to start looking through bluprints and building flows. ExtraHop also offers a free trial VM for qualified prospects, or you can contact John Smith at for questions.

octoblu banner