André Spadini | MultiCloud | DBA

Zabbix: Monitor RDP Windows

Zabbix: Monitor RDP Windows

Andre Spadini's photo
Andre Spadini
·

2 min read

Segue howto para monitorar sessões ativas no Windows Server

Fonte: github.com/iSmartyPRO/zabbix_template_rdp_m..

No meu exemplo, o zabbix encontra-se instalado em: C:\Program Files\Zabbix Agent

No diretório C:\Program Files\Zabbix Agent\zabbix_agentd.conf.d, criar o arquivo: rdp.terminal.server.conf

UserParameter=rdp.terminal.server[*],powershell.exe -noprofile -executionpolicy bypass -File C:\app\zabbix\scripts\rdp.terminal.server.ps1 $1

No diretório C:\Program Files\Zabbix Agent\scripts, criar o arquivo: rdp.terminal.server.ps1

# Improved by Ilias Aidar - 24/09/2019
# Originally created by Diego Cavalcante - 10/02/2017
# Monitoring Windows RDP - Terminal Server

Param(
  [string]$select
)

# Active Users: Domain Name, Username, Computer Name, IP Address
if ( $select -eq 'ACTIVE' )
{
Import-Module PSTerminalServices
Get-TSSession -State Active -ComputerName localhost | foreach {$_.DomainName, $_.UserName, $_.ClientName, (($_.IPAddress).IPAddressToString), ""}
}

# Total Active Users
if ( $select -eq 'ACTIVENUM' )
{
Import-Module PSTerminalServices
Get-TSSession -State Active -ComputerName localhost | foreach {$_.UserName} | Measure-Object -Line | select-object Lines | select-object -ExpandProperty Lines
}

# Inactive Users: Domain Name, Username
if ( $select -eq 'INACTIVE' )
{
Import-Module PSTerminalServices
Get-TSSession -State Disconnected -ComputerName localhost | where { $_.SessionID -ne 0 } | foreach {$_.DomainName, $_.UserName, ""}
}

# Toal Inactive Users
if ( $select -eq 'INACTIVENUM' )
{
Import-Module PSTerminalServices
Get-TSSession -State Disconnected -ComputerName localhost | where { $_.SessionID -ne 0 } | foreach {$_.UserName} | Measure-Object -Line | select-object Lines | select-object -ExpandProperty Lines
}

# List of Remote Computer Names
if ( $select -eq 'DEVICE' )
{
Import-Module PSTerminalServices
Get-TSSession -State Active -ComputerName localhost | foreach {$_.ClientName}
}

# List of Remoter IP Addresses
if ( $select -eq 'IP' )
{
Import-Module PSTerminalServices
Get-TSSession -State Active -ComputerName localhost | foreach {(($_.IPAddress).IPAddressToString)}
}

Instalar o MSI no windows: https://github.com/iSmartyPRO/zabbix_template_rdp_monitoring/blob/master/winApp/rdp.terminal.server.msi

Copiar o diretório: C:\Users\YourUser\Documents\WindowsPowerShell\modules\PSTerminalServices\ para: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\

Adicionar o template no Zabbix: https://github.com/iSmartyPRO/zabbix_template_rdp_monitoring/tree/master/Zabbix%20Template

O monitoramento irá ficar assim:

image.png

Att,