How to use Kaseya to Monitor Remote Desktop Sessions

Want to know what user or process that is using all the CPU or memory on a terminal server? Kaseya Network Monitor can monitor session processes and set an alarm if a user/process hits the set threshold value for CPU or memory. You can either monitor all users and processes created by RDP sessions or monitor a specified process or user. We have created two Lua scripts that will handle this.

The first script (WMI_RDP_Session_Perf_Process.lua) lets you choose between CPU or memory and set a threshold. Optionally, you can set a process name. Important here is that you check the “No account logon” checkbox since it’s using authenticated WMI sessions to the monitored server.

The second script (WMI_RDP_Session_Perf_User.lua) will let you choose CPU/memory, set a threshold and specify an optional username that you would like to monitor. The syntax is DOMAIN\User but for non-domain connected computers, you will need to specify the local computer name (ie. COMPUTERNAME\User).

Normally you would use the default account for the object but you can specify a specific account for the monitor if needed. The credentials will be passed on to the script for authentication. The statistics will save the CPU or memory usage for RDP sessions. The uniqueness with these scripts is that they will only record RDP sessions. No other sessions like console logons or Windows services will be recorded or checked.

Both scripts will show “Test OK” if nothing hits the threshold. If an alarm is set, a message telling that the CPU or memory usage is high will be presented, along with a list of processes with their data, such as CPU/memory usage and owner (the user that created the process).

Check the KB article at https://community.kaseya.com/kb/w/wiki/monitoring-rdp-sessions.aspx for information on how to download the scripts.

Wooden block that says Business Continuity

What is BCDR? Business Continuity and Disaster Recovery Explained

With organizations going through digital transformations and more employees working remotely, cybersecurity is a top priority for almost all ITRead More

IT infrastructure costs contral

Key Ways to Cut IT Infrastructure Costs

The current global economic crisis has fundamentally changed the way many businesses operate. Given the fact that it will probablyRead More

Endpoint security for remote users

Why Endpoint Security is Important for Remote Workforces

According to a recent study by the Information Systems Audit and Control Association (ISACA), “nearly 60 percent of enterprises areRead More

Disaster Recovery Plan

5 Reasons Why Disaster Recovery Plans Fail

It is a scenario that every IT team fears. You diligently back up critical servers to your on-site appliance orRead More

2020 IT Operations Survey Results - Highlighs and Key Takeaways - Watch Now
2020 MSP Benchmark Survey Report

Archives

Categories