Perhaps a better answer, to deploy as a local check on your windows hosts:
# This local local plugins for windows output number active rdp sessions
# and number disconnected along with the user names in the detail
$rdpLines = (qwinsta)
# Column statrts for qwinsta output, remember ID is right justified, thus 45
$qwinstaCols = 1,19,45,48,56,68
# Get CSV of the qwinsta output with blank colums filled in with a dash
$qwinstaCsv = @(ForEach ($rdpLine in $rdpLines) {
ForEach ($qwinstaCol in $qwinstaCols) {
$rdpLine = $rdpLine -replace "^(.{$qwinstaCol})[^A-Za-z0-9#-]",'$1-'
}
$rdpLine.SubString(1).trim() -replace "\s+",","
})
$disconnectedUsers = @()
$activeusers = @()
ForEach ($rdp in $qwinstaCsv | ConvertFrom-CSV) {
# Easily pick off values by column
$rdpUserName = $rdp.USERNAME
$rdpState = $rdp.STATE
if ($rdpUserName -ne '-') {
switch ($rdpState) {
'Disc' { $disconnectedUsers += $rdpUserName; break }
'Active' { $activeUsers += $rdpUserName; break }
}
}
}
$activeUsersCount = $activeUsers.Length
$activeUsersList = $activeUsers -join ','
$disconnectedUsersCount = $disconnectedUsers.Length
$disconnectedUsersList = $disconnectedUsers -join ','
Write-Output "0 RDP-status active_count=$activeUsersCount|disc_count=$disconnectedUsersCount Active Users($activeUsersCount): $activeUsersList Disconnected Users($disconnectedUsersCount): $disconnectedUsersList"