Script follows. You may have to allow PowerShell script execution on the platform. In my case I named this file as qwinsta.ps1 in my Check_MK local dir on the Windows host. And this is somewhat of a learners script in that it can be broken down and used for other things.
# This local local plugins for windows output number active rdp sessions
# and number disconnected along with the user names in the detail
$rdpLines = (qwinsta)
# Column statrts for qwinsta output, remember ID is right justified, thus 45
$qwinstaCols = 1,19,45,48,56,68
# Get CSV of the qwinsta output with blank colums filled in with a dash
$qwinstaCsv = @(ForEach ($rdpLine in $rdpLines) {
ForEach ($qwinstaCol in $qwinstaCols) {
$rdpLine = $rdpLine -replace "^(.{$qwinstaCol})[^A-Za-z0-9#-]",'$1-'
}
$rdpLine.SubString(1).trim() -replace "\s+",","
})
$disconnectedUsers = @()
$activeusers = @()
ForEach ($rdp in $qwinstaCsv | ConvertFrom-CSV) {
# Easily pick off values by column
$rdpSessionName = $rdp.SESSIONNAME
$rdpUserName = $rdp.USERNAME
$rdpId = $rdp.ID
$rdpState = $rdp.STATE
$rdpDevice = $rdp.DEVICE
Actually. no.. or well, it's not a "good" way. Not saying you can't so that but not with the normal plugin because the address changes with almost every major update (even on the same version of product). You could write a plugin (new) to try to determine the new address as it changes. So, while we were using the ts_sessions technique, we like the new way because it doesn't require constant change after the "seasonal" major updates (talking mainly Windows 10, realizing that most don't run theirs in full multi-user though, but we do). Our new way also let's you see the usernames that are active and the ones that "disconnected" their RDP session (for hopefully later resumption).
···
On 01/15/2019 01:46 AM, Thomas Wittmann wrote:
Or more easy:
just enter these two lines in the [winperf] section of check_mk.ini and reastart agent:
counters = 3198:ts_sessions
counters = 1920:ts_sessions
The counter 3198 works for Server 2008(R2), the 1920 for Server 2012 and upwards.
Then you can monitor your RDP sessions right out of Check_MK with thresholds for active and inactive sessions
BR
Thomas
Am Mi., 9. Jan. 2019 um 00:16 Uhr schrieb Christopher Cox <chriscox@endlessnow.com <mailto:chriscox@endlessnow.com>>:
Script follows. You may have to allow PowerShell script execution on
the platform. In my case I named this file as qwinsta.ps1 in my
Check_MK local dir on the Windows host. And this is somewhat of a
learners script in that it can be broken down and used for other things.
# This local local plugins for windows output number active rdp sessions
# and number disconnected along with the user names in the detail
$rdpLines = (qwinsta)
# Column statrts for qwinsta output, remember ID is right justified, thus 45
$qwinstaCols = 1,19,45,48,56,68
# Get CSV of the qwinsta output with blank colums filled in with a dash
$qwinstaCsv = @(ForEach ($rdpLine in $rdpLines) {
ForEach ($qwinstaCol in $qwinstaCols) {
$rdpLine = $rdpLine -replace "^(.{$qwinstaCol})[^A-Za-z0-9#-]",'$1-'
}
$rdpLine.SubString(1).trim() -replace "\s+",","
})
$disconnectedUsers = @()
$activeusers = @()
ForEach ($rdp in $qwinstaCsv | ConvertFrom-CSV) {
# Easily pick off values by column
$rdpSessionName = $rdp.SESSIONNAME
$rdpUserName = $rdp.USERNAME
$rdpId = $rdp.ID
$rdpState = $rdp.STATE
$rdpDevice = $rdp.DEVICE
Ah ok.
And it seems to solve the 2 inactive sessions (caused by the OS) you always have in 2012 servers.
I‘ll give it a tray
Thomas Wittmann
···
Von meinem iPhone gesendet
Am 16.01.2019 um 16:19 schrieb Christopher Cox <chriscox@endlessnow.com>:
Actually. no.. or well, it's not a "good" way. Not saying you can't so that but not with the normal plugin because the address changes with almost every major update (even on the same version of product). You could write a plugin (new) to try to determine the new address as it changes. So, while we were using the ts_sessions technique, we like the new way because it doesn't require constant change after the "seasonal" major updates (talking mainly Windows 10, realizing that most don't run theirs in full multi-user though, but we do). Our new way also let's you see the usernames that are active and the ones that "disconnected" their RDP session (for hopefully later resumption).
On 01/15/2019 01:46 AM, Thomas Wittmann wrote:
Or more easy:
just enter these two lines in the [winperf] section of check_mk.ini and reastart agent:
counters = 3198:ts_sessions
counters = 1920:ts_sessions
The counter 3198 works for Server 2008(R2), the 1920 for Server 2012 and upwards.
Then you can monitor your RDP sessions right out of Check_MK with thresholds for active and inactive sessions
BR
Thomas
Am Mi., 9. Jan. 2019 um 00:16 Uhr schrieb Christopher Cox <chriscox@endlessnow.com <mailto:chriscox@endlessnow.com>>:
Script follows. You may have to allow PowerShell script execution on
the platform. In my case I named this file as qwinsta.ps1 in my
Check_MK local dir on the Windows host. And this is somewhat of a
learners script in that it can be broken down and used for other things.
# This local local plugins for windows output number active rdp sessions
# and number disconnected along with the user names in the detail
$rdpLines = (qwinsta)
# Column statrts for qwinsta output, remember ID is right justified, thus 45
$qwinstaCols = 1,19,45,48,56,68
# Get CSV of the qwinsta output with blank colums filled in with a dash
$qwinstaCsv = @(ForEach ($rdpLine in $rdpLines) {
ForEach ($qwinstaCol in $qwinstaCols) {
$rdpLine = $rdpLine -replace "^(.{$qwinstaCol})[^A-Za-z0-9#-]",'$1-'
}
$rdpLine.SubString(1).trim() -replace "\s+",","
})
$disconnectedUsers = @()
$activeusers = @()
ForEach ($rdp in $qwinstaCsv | ConvertFrom-CSV) {
# Easily pick off values by column
$rdpSessionName = $rdp.SESSIONNAME
$rdpUserName = $rdp.USERNAME
$rdpId = $rdp.ID
$rdpState = $rdp.STATE
$rdpDevice = $rdp.DEVICE
# This local local plugins for windows output number active rdp sessions
# and number disconnected along with the user names in the detail
$rdpLines = (qwinsta)
# Column statrts for qwinsta output, remember ID is right justified, thus 45
$qwinstaCols = 1,19,45,48,56,68
# Get CSV of the qwinsta output with blank colums filled in with a dash
$qwinstaCsv = @(ForEach ($rdpLine in $rdpLines) {
ForEach ($qwinstaCol in $qwinstaCols) {
$rdpLine = $rdpLine -replace "^(.{$qwinstaCol})[^A-Za-z0-9#-]",'$1-'
}
$rdpLine.SubString(1).trim() -replace "\s+",","
})
$disconnectedUsers = @()
$activeusers = @()
ForEach ($rdp in $qwinstaCsv | ConvertFrom-CSV) {
# Easily pick off values by column
$rdpUserName = $rdp.USERNAME
$rdpState = $rdp.STATE
Ah ok.
And it seems to solve the 2 inactive sessions (caused by the OS) you always have in 2012 servers.
I‘ll give it a tray
Thomas Wittmann
Von meinem iPhone gesendet
Am 16.01.2019 um 16:19 schrieb Christopher Cox <chriscox@endlessnow.com>:
Actually. no.. or well, it's not a "good" way. Not saying you can't so that but not with the normal plugin because the address changes with almost every major update (even on the same version of product). You could write a plugin (new) to try to determine the new address as it changes. So, while we were using the ts_sessions technique, we like the new way because it doesn't require constant change after the "seasonal" major updates (talking mainly Windows 10, realizing that most don't run theirs in full multi-user though, but we do). Our new way also let's you see the usernames that are active and the ones that "disconnected" their RDP session (for hopefully later resumption).
On 01/15/2019 01:46 AM, Thomas Wittmann wrote:
Or more easy:
just enter these two lines in the [winperf] section of check_mk.ini and reastart agent:
counters = 3198:ts_sessions
counters = 1920:ts_sessions
The counter 3198 works for Server 2008(R2), the 1920 for Server 2012 and upwards.
Then you can monitor your RDP sessions right out of Check_MK with thresholds for active and inactive sessions
BR
Thomas
Am Mi., 9. Jan. 2019 um 00:16 Uhr schrieb Christopher Cox <chriscox@endlessnow.com <mailto:chriscox@endlessnow.com>>:
Script follows. You may have to allow PowerShell script execution on
the platform. In my case I named this file as qwinsta.ps1 in my
Check_MK local dir on the Windows host. And this is somewhat of a
learners script in that it can be broken down and used for other things.
# This local local plugins for windows output number active rdp sessions
# and number disconnected along with the user names in the detail
$rdpLines = (qwinsta)
# Column statrts for qwinsta output, remember ID is right justified, thus 45
$qwinstaCols = 1,19,45,48,56,68
# Get CSV of the qwinsta output with blank colums filled in with a dash
$qwinstaCsv = @(ForEach ($rdpLine in $rdpLines) {
ForEach ($qwinstaCol in $qwinstaCols) {
$rdpLine = $rdpLine -replace "^(.{$qwinstaCol})[^A-Za-z0-9#-]",'$1-'
}
$rdpLine.SubString(1).trim() -replace "\s+",","
})
$disconnectedUsers = @()
$activeusers = @()
ForEach ($rdp in $qwinstaCsv | ConvertFrom-CSV) {
# Easily pick off values by column
$rdpSessionName = $rdp.SESSIONNAME
$rdpUserName = $rdp.USERNAME
$rdpId = $rdp.ID
$rdpState = $rdp.STATE
$rdpDevice = $rdp.DEVICE
