How to use Kaseya to Monitor Remote Desktop Sessions

Want to know what user or process that is using all the CPU or memory on a terminal server? Kaseya Network Monitor can monitor session processes and set an alarm if a user/process hits the set threshold value for CPU or memory. You can either monitor all users and processes created by RDP sessions or monitor a specified process or user. We have created two Lua scripts that will handle this.

The first script (WMI_RDP_Session_Perf_Process.lua) lets you choose between CPU or memory and set a threshold. Optionally, you can set a process name. Important here is that you check the “No account logon” checkbox since it’s using authenticated WMI sessions to the monitored server.

The second script (WMI_RDP_Session_Perf_User.lua) will let you choose CPU/memory, set a threshold and specify an optional username that you would like to monitor. The syntax is DOMAIN\User but for non-domain connected computers, you will need to specify the local computer name (ie. COMPUTERNAME\User).

Normally you would use the default account for the object but you can specify a specific account for the monitor if needed. The credentials will be passed on to the script for authentication. The statistics will save the CPU or memory usage for RDP sessions. The uniqueness with these scripts is that they will only record RDP sessions. No other sessions like console logons or Windows services will be recorded or checked.

Both scripts will show “Test OK” if nothing hits the threshold. If an alarm is set, a message telling that the CPU or memory usage is high will be presented, along with a list of processes with their data, such as CPU/memory usage and owner (the user that created the process).

Check the KB article at http://community.kaseya.com/kb/w/wiki/monitoring-rdp-sessions.aspx for information on how to download the scripts.

3 Effective Patch Management Tips for MMEs

The most effective way to prevent a security hack is a robust patch-management program which includes routine installation of patchesRead More

Vulnerability Management Requires Third Party Management

Vulnerability Management Requires Third Party Management

As technologies like IoT take center stage, there are more Internet-connected devices than ever, creating more vulnerabilities than ever. RansomwareRead More

Next Generation PSA

Defining a Next Generation PSA

A PSA is the lifeblood for how an efficient MSP runs their business and the fundamental nature of the PSARead More

Channel Futures – MSP Outlook

Use the Wisdom of the Crowd to Narrow your Focus No matter how many customer visits and sales calls weRead More

Archives

Categories