Tasks
Track the progress of all project milestones and deliverables. Each task includes detailed acceptance criteria, priority levels, and component assignments.
Filter Tasks
Install Azure Connected Machine Agent
Install and configure Azure Connected Machine Agent on an on-premises Windows server for Hybrid Runbook Worker setup
Acceptance Criteria:
- Azure Connected Machine Agent installed on designated Windows server
- Server registered with Azure Arc-enabled servers
- Connectivity verified between on-premises and Azure
- Authentication configured for hybrid operations
Configure Hybrid Runbook Worker
Configure the machine as a Hybrid Runbook Worker in Azure Automation Account
Acceptance Criteria:
- Machine registered as Hybrid Runbook Worker in Azure Automation Account
- Worker group created and configured
- Test runbook executed successfully on hybrid worker
- Secure communication channel established
Install Citrix PowerShell SDK
Install Citrix PowerShell SDK on hybrid worker via Citrix Studio or standalone installer
Acceptance Criteria:
- Citrix PowerShell SDK installed and configured
- PowerShell modules loaded and tested
- Connection to Citrix Delivery Controllers verified
- Get-BrokerSession cmdlets functional
Test Hybrid Worker Connectivity
Test connectivity to both Azure and Citrix Delivery Controllers from hybrid worker
Acceptance Criteria:
- Azure connectivity tested and validated
- Citrix Delivery Controller access confirmed
- Domain authentication working properly
- Network firewall rules configured correctly
Design Unified Database Schema
Create comprehensive Azure SQL database schema for storing login data from both Citrix and Entra ID systems
Acceptance Criteria:
- CitrixSessions table created with all required fields
- EntraSignIns table designed for sign-in data
- UnifiedUsers table for cross-system reporting
- Proper indexes and constraints implemented
- Database relationships and foreign keys established
Create Reporting Views
Implement database views for unified reporting and analytics across both systems
Acceptance Criteria:
- vw_CombinedLoginActivity view created for unified login data
- vw_UserActivitySummary view for user activity analysis
- Performance optimized views with proper indexing
- Sample queries documented and tested
Deploy Azure SQL Managed Instance
Deploy and configure Azure SQL Managed Instance with proper security and performance settings
Acceptance Criteria:
- Azure SQL Managed Instance deployed in production environment
- Private endpoint configured for secure access
- Transparent Data Encryption (TDE) enabled
- Backup and disaster recovery configured
- Network security groups and firewall rules applied
Develop Citrix Data Collection Runbook
Create PowerShell runbook for collecting Citrix session data using existing Get-CitrixLogins.ps1 script
Acceptance Criteria:
- PowerShell runbook captures all Citrix session properties
- Error handling for network interruptions implemented
- JSON output format compatible with Logic Apps
- Configurable logging levels and output formats
- Runs successfully on Hybrid Runbook Worker
Develop Entra ID Data Collection Runbook
Create PowerShell runbook for querying Microsoft Entra ID sign-in logs using Microsoft Graph SDK
Acceptance Criteria:
- Microsoft Graph SDK modules installed and configured
- Managed Identity authentication implemented
- Sign-in logs retrieved with proper filtering
- All relevant sign-in properties captured
- JSON output format optimized for Logic Apps processing
Implement Authentication and Security
Configure managed identities and security for PowerShell runbooks
Acceptance Criteria:
- Managed identities configured for Azure Automation
- Microsoft Graph API permissions granted (AuditLog.Read.All)
- Key Vault integration for sensitive credentials
- Least privilege access principles applied
- Security audit and compliance verification completed
Create Master Orchestration Logic App
Build main Logic App that triggers both Citrix and Entra ID data collection runbooks
Acceptance Criteria:
- Recurrence trigger configured for optimal frequency (5-15 minutes)
- Parallel execution of Citrix and Entra ID runbooks
- Job completion monitoring and error handling
- Unified user tracking updates implemented
- Comprehensive logging and monitoring configured
Create Citrix Data Processing Logic App
Build Logic App to parse Citrix JSON output and insert data into CitrixSessions table
Acceptance Criteria:
- JSON parsing handles all Citrix session properties
- Data transformation and validation implemented
- SQL insert operations for CitrixSessions table
- UnifiedUsers table updates for latest login times
- Error handling and retry logic configured
Create Entra ID Data Processing Logic App
Build Logic App to parse Entra ID JSON output and insert data into EntraSignIns table
Acceptance Criteria:
- JSON parsing handles all Entra ID sign-in properties
- Risk assessment and location data processing
- SQL insert operations for EntraSignIns table
- UnifiedUsers table updates for latest login times
- Error handling and retry logic configured
Implement Logic App Monitoring
Set up comprehensive monitoring and alerting for all Logic App workflows
Acceptance Criteria:
- Azure Monitor alerts configured for Logic App failures
- Performance metrics tracking and dashboards
- Failed run notifications and escalation procedures
- Historical run data analysis and reporting
Create Power BI Integration
Develop Power BI reports for unified user activity and security analytics
Acceptance Criteria:
- User Activity Dashboard with combined system view
- Security Analytics reports for failed logins and suspicious activities
- System Usage analysis with peak hours and session duration
- Compliance Reporting with audit trails for specific date ranges
- Interactive filters and drill-down capabilities
Configure Azure Analytics Workspace
Set up Azure Log Analytics for advanced querying and custom alerts
Acceptance Criteria:
- Log Analytics workspace configured and connected
- Custom KQL queries for deep analysis created
- Alerts configured for unusual login patterns
- Data retention policies implemented
- Cost optimization and performance tuning completed
Develop Custom Reporting Queries
Create sample SQL and KQL queries for common reporting scenarios
Acceptance Criteria:
- Inactive users reporting queries
- Login failure analysis by system
- Peak login hours analysis queries
- Cross-system correlation queries
- Performance optimization queries documented
Implement Data Governance
Establish data retention policies and privacy compliance measures
Acceptance Criteria:
- Data retention policies defined and implemented
- Privacy compliance verification (GDPR, etc.)
- Data archiving procedures for old sessions
- Access controls and audit trails established
Performance Optimization
Optimize database performance and implement proper indexing strategies
Acceptance Criteria:
- Table partitioning implemented for large datasets
- Indexes optimized for common query patterns
- Query performance monitoring and tuning
- Resource utilization optimization
Create Deployment Package
Package all components into deployable ARM templates and PowerShell modules
Acceptance Criteria:
- ARM templates for all Azure resources
- PowerShell module packaging for scripts
- Deployment automation and validation scripts
- Rollback procedures and disaster recovery plans
Documentation and Training
Create comprehensive documentation and training materials for operations team
Acceptance Criteria:
- Operational procedures documented
- Troubleshooting guides created
- Training materials for support staff
- Architecture diagrams and system documentation