How to use Kaseya to Monitor Remote Desktop Sessions

Want to know what user or process that is using all the CPU or memory on a terminal server? Kaseya Network Monitor can monitor session processes and set an alarm if a user/process hits the set threshold value for CPU or memory. You can either monitor all users and processes created by RDP sessions or monitor a specified process or user. We have created two Lua scripts that will handle this.

The first script (WMI_RDP_Session_Perf_Process.lua) lets you choose between CPU or memory and set a threshold. Optionally, you can set a process name. Important here is that you check the “No account logon” checkbox since it’s using authenticated WMI sessions to the monitored server.

The second script (WMI_RDP_Session_Perf_User.lua) will let you choose CPU/memory, set a threshold and specify an optional username that you would like to monitor. The syntax is DOMAIN\User but for non-domain connected computers, you will need to specify the local computer name (ie. COMPUTERNAME\User).

Normally you would use the default account for the object but you can specify a specific account for the monitor if needed. The credentials will be passed on to the script for authentication. The statistics will save the CPU or memory usage for RDP sessions. The uniqueness with these scripts is that they will only record RDP sessions. No other sessions like console logons or Windows services will be recorded or checked.

Both scripts will show “Test OK” if nothing hits the threshold. If an alarm is set, a message telling that the CPU or memory usage is high will be presented, along with a list of processes with their data, such as CPU/memory usage and owner (the user that created the process).

Check the KB article at https://community.kaseya.com/kb/w/wiki/monitoring-rdp-sessions.aspx for information on how to download the scripts.

Patch Management Super Highway

2019 IT Operations Survey Results: Automated Patch Management Not Widely Adopted

Patch management and vulnerability management play a critical role in endpoint security. The process includes discovering assets in the network,Read More

Data Breach

2019 IT Operations Survey Results: Security Breaches and Outages Show No Sign of Slowing Down

The 2019 Kaseya IT Operations Survey has brought to light a few surprising as well as some obvious results about ITRead More

Art of people working on a UI design

3 Key Takeaways From the 2019 State of IT Operations Survey

Kaseya conducted its fifth annual IT Operations Survey this past June, aiming to delve into current IT operational state andRead More

Windows 7 EOL

Life After Windows 7 End of Life

By now, hopefully, your organization has begun its migration journey to Windows 10 and is well-underway in executing the upgrade. (See our WindowsRead More

Connect IT Asia-Pacific - Don't Miss the Premier IT Management Event of the Year - Join Us in Sydney 1-3 October 2019 - Register Now

Archives

Categories