Odd Behavior of Monitor for Citrix XenApp

Does the application name match the receive string in your monitor?

Yes it does; exactly. My point of confusion is that the application will always exist, but if it is disabled or not functioning properly will the monitor be able to tell?

The XML broker maintains application availability and, from the xml brokers health inspection, presents the application to the user if the user is entitled and the application is available. The monitor is not verifying the specific application is available, but rather verifies the xml services which enumerate publish applications is healthy. I would take a tcpdump and look at the response being sent back to the BIG-IP, somehow the application name is in the response, otherwise the monitor would go down. For example, maybe your application name for your health monitor is notepad and your Citrix application servers have notepad and notepad++ and the user you specified is entitled to both. You disable notepad on the citrix server, however, notepad++ is still being returned in the list of available applications for the user. The receive string is still a match because "notepad" is within "notepad"++.

In the tcpdump it looks like my Citrix admin renamed the app during our testing, but the name still includes the original name...matching your scenario exactly. I'll have my Citrix admin rename it to something completely different and verify member state after that. Thank you for the background info though; good to understand that the monitor is checking the XML service more than the app itself.