Configure screen recording audit-Elastic Desktop Service-阿里云帮助中心

Elastic Desktop Service (EDS) policies allow you to manage rules for your cloud computers, covering aspects such as user experience, security, auditing, peripherals, and collaboration. This topic describes the auditing rules.

Background

Use cases

To meet your organization's security and audit requirements, you may need to audit operations on cloud computers. The screen recording audit feature, which is in public preview, allows you to use a cloud computer policy to capture user activities on cloud computers as videos for later playback.

Scope

The screen recording audit feature applies only to cloud computers that meet all the following conditions:

They use the Adaptive Streaming Protocol (ASP). For more information, see Adaptive Streaming Protocol (ASP).
They run a Windows or Linux operating system.
They use a system image of version 0.1.0 or later, or a custom image created from such an image.

Billing

Feature usage fees: This value-added feature is free of charge during the public preview. Charges will apply after the public preview ends, and billing details will be announced in advance.
Other related fees: Screen recordings can be saved only to Object Storage Service (OSS). The system automatically creates an OSS bucket for you. You are charged for the storage space consumed by the video files. For more information about billing, see OSS Billing Overview.

Considerations

Important

Screen recording may affect end user privacy. Before you enable this feature, ensure you have obtained the necessary authorization from them.

Prerequisites

By default, screen recordings are saved to an OSS bucket in the current region. If you use VPN-related software on a cloud computer, add*.aliyuncs.com to the whitelist to ensure successful file uploads.

Configuration

In the Screen Recording Audit section, turn on the Screen Recording Audit switch, read the Usage Notes on Screen Recording Audit, select I have read and agree to enable the feature, and configure the following parameters.

Note

The screen recording audit feature supports dual-screen scenarios and records all user activities on both primary and secondary displays.

Parameter	Description
Recording type	Select a recording type: Whole-process: Records the entire user session, from the moment an end user connects to the cloud computer until they disconnect. Interval-based: Records only during a specified time interval. If the end user disconnects before the interval ends, the recording stops immediately. If you select this option, you must also configure the Interval. Operation-triggered: If you select this option, select one or more trigger conditions in the Operation-triggered section. Multiple conditions are supported. File Upload/Download-triggered: Recording is triggered when a file is uploaded to or downloaded from the cloud computer. Command-triggered: Recording is triggered when a user provides input by using a device such as a keyboard, mouse, or graphics tablet. Note Recording starts immediately when a trigger condition is met. When the trigger condition is no longer met, the recording does not stop immediately but continues for another 10 minutes. If the same or another trigger condition is met again within this 10-minute period, the 10-minute delay timer is reset. Listening of Session Lifecycle Screen Recording: Records the entire process from session creation to session logoff. This option is recommended for robotic process automation (RPA) scenarios. Note The difference between session lifecycle recording and whole-process recording is when the recording stops. Whole-process recording ends when the end user disconnects from the cloud computer. In contrast, session lifecycle recording ends when the session is logged off. A session is logged off when the end user shuts down the cloud computer or when the pre-configured keep-active duration is reached after the cloud computer is disconnected.
Audio	Select one of the following options: Video or Video and Audio.
Frame Rate	Supported frame rates: 2, 5, 10, and 15 frames per second (FPS). A higher frame rate results in smoother video but requires more storage space. Select a frame rate that balances video quality and storage costs.
File Length	Supported values: 10, 20, 30, or 60 minutes. The recording is automatically split into segments of the specified length. If a segment file reaches 300 MB before the specified duration, a new segment is created.
Save To	By default, screen recordings are saved to an OSS bucket in the current region, which incurs OSS fees. For more information about billing, see OSS Billing Overview. Important If you use VPN-related software on a cloud computer, add`*.aliyuncs.com` to the whitelist to ensure successful file uploads. After a recording is complete, you can view or download the video file in the console. For more information, see View or download screen recordings.
Retention Period	Default: 15 days. You can set the retention period to a value from 1 to 180 days. Warning Screen recordings are stored in the OSS bucket for the specified retention period. After this period expires, the recordings are permanently deleted from both the OSS bucket and the Screen Recordings tab in the console.

FAQ

Outdated image version error

To use the screen recording audit feature, a cloud computer must meet all the following conditions:

They use the Adaptive Streaming Protocol (ASP). For more information, see Adaptive Streaming Protocol (ASP).
They run a Windows or Linux operating system.
They use a system image of version 0.1.0 or later, or a custom image created from such an image.

If you receive a message that the image version is outdated, update the cloud computer's image to a supported version. For more information, see Change the image of a cloud computer or a cloud computer in a pool.

Automatic deletion of screen recordings

Yes. Screen recordings are stored in the OSS bucket for the specified retention period and are automatically deleted when this period expires.
Changing or deleting the policy does not immediately delete existing screen recordings. They are deleted only after their original retention period expires.

Auditing rules