Really looking for some ideas (ideally nothing 3rd party based) that we could implement to monitor when users login to a Terminal Server (and log off if possible) so we can monitor activity.
Thanks!
Really looking for some ideas (ideally nothing 3rd party based) that we could implement to monitor when users login to a Terminal Server (and log off if possible) so we can monitor activity.
Thanks!
What, exactly, do you mean by "monitor activity"? What are you looking to actually do?
Assuming you enable success auditing of Logon / Logoff events, the Event Log will contain events (id's and sources dependent on the version of Windows you're using) each time a successful logon or logoff occurs. The product can produce that log "stock" without any third-party add-ons. At that point, it's just a matter of parsing the event log or forwarding it to whatever log analysis system you want to use. The sky's the limit once you're parsing the event log-- whatever alerting capabilities your monitoring system has become available.