User Activity Monitoring: Terminal Server logging on workstations

When discussing Terminal Server logging, we are interested in monitoring user sessions connecting from a workstation. There is always a need for detailed reporting and keeping track of user activity and sessions when someone is running Remote Desktop Services session from a workstation.

Many popular Terminal Server monitoring applications on the market today offer exhaustive reports on all user activity on Terminal Server. However, they carry the burden of being way too intrusive, and are in fact a serious breach of privacy, such as by monitoring keystrokes or even capturing screenshots and video footage of everything a user did while they were connected to the server. This doesn’t necessarily mean that user activity shouldn’t be monitored. The IT department should keep an eye only on the metrics and data about the company’s users that really matter.

Monitoring Terminal Server logging on workstations is particularly important because your employees can work from anywhere and anytime that suits them best. And that’s awesome, since you give your employees the possibility to work in their own home and at their own pace. Auditing employee activity gives a company a real picture for how its team is utilizing company resources, such as servers and workstations. It is also a great way to figure out how to motivate people, boost employee productivity as well as enhance business efficiency. Now, don’t be afraid of infringing an employee’s privacy – user activity can be monitored in a non-intrusive manner with Syskit Monitor.

Benefits of auditing employee activity with Syskit Monitor

Syskit Monitor is a server monitoring solution that uses non-intrusive methods to help your management and company executives produce better strategies. With the multiple features Syskit Monitor has to offer, you can track and audit remote employee activity on sessions running on ICA and Remote Desktop Protocol. This means that with Syskit Monitor, you can see which employees connected to a certain server and when. Each logon and logoff is recorded, so that you can later analyze sessions from various angles.

When planning future investments, promotions or even salary raises, you may wish to pinpoint the employees who performed the best, the most active users or even odd employee session behavior, and to do so, you don’t have to go through the data for every user manually.

Syskit Monitor can even help your HR Department provide the cost per view and, use it to create billing reports and paycheck statements.

Some of the most notable tasks Syskit Monitor can do are:

  • Monitor remote access to Remote Desktop Servers
  • Audit employee activity on a server
  • Track sessions running via Remote Desktop Protocol
  • Oversee connections to your servers made via Remote Desktop Gateway

For auditing employee activity on your servers, Syskit Monitor will generate all the reports for you and you can even schedule them to be sent to you via email. You can print them out and discuss any doubts with your colleagues.

All of Syskit Monitor 26 user-oriented reports are designed to tell you what users are doing on servers while they’re doing it. For example, you can use Syskit Monitor user reports to see who is using the RD Gateway to access a corporate network or simply get an overview of user idle times. Perhaps, you want an insight into how much of an employee’s time is spent on the system in different states, active or idle? Why, of course! You can finally see when an employee logs on and off, time they spent disconnected or on remote control. Also, you can combine two groups of reports, for example, user reports and application usage reports, to get a cross section of which applications are frequently used and by which users. All these insights could be used for a pay-per-performance salary system.

How does Syskit Monitor monitor Terminal Server logging on workstations?

Syskit analyzes Terminal Server log data and users in real time and as well as it keeps history records, which you can use to check who was logged on, where and for how long. Ok, great! And what else can you do with Syskit?

  • Detect users connecting from their homes or other remote locations.
  • Generate reports showing the time spent in different states (e.g., active, idle, remote control, and disconnected).
  • Validate remote access, check connections by IP address or client name, and pinpoint the exact location from where a specific user connected. It can also detect a client’s public IP address.
  • Detect the most active and idle users with the User Activities reports.
  • Drill down the reports on each user per day, per server, and per state or check the activity timeline to get more details on users.

The most common use cases for Terminal Server logging

Let’s go over some of the most common use cases for Terminal Server Logging on workstations that our clients are using.

Take Jane for instance. She has permission from her manager to work from home. Working from home has grown very popular and there are employees like Jane in every organization. As we’ve mentioned before, the IT department needs to audit when users are connecting, to which servers, from where, and whether they are connecting from a secure device. For security reasons, one cannot take their word that they are indeed connecting from a secure office device instead of their PC.

Another example where you need to take caution with Terminal Server logging is the HIPAA-related health-care access. In the health care industry, you are always required to monitor who is connecting from outside the organization. You also need to make sure that you have reliable data to provide to auditors if they start questioning your use of logging records and accesses of sensitive medical information. That’s why you are required to track each client who has access to sensitive and confidential data, as well as to check if any changes were made on the system and by whom.

For large corporations with thousands of computers, the IT department needs to be able to detect clients that are using older Windows versions. The thing is that you don’t know which users are connecting to your servers. You also can’t tell which type of Windows device is being used. Syskit can report back to you which Windows version or any other operating system someone is using to connect to your Remote Desktop Services infrastructure. For example, Tom needs to align all his client infrastructure to the latest Windows client. Tom can do this with Syskit. The tool will show him all Windows clients with older OSs so they could be upgraded easily.

Do you still have machines running Windows XP connecting to your SBC infrastructure? Don’t worry. Syskit will detect them, so you can upgrade those older systems.

Now, let’s get back to the servers

You need to be able to perform regular maintenance of your servers, for example, to restart them to apply the latest Windows patches. Syskit notifies you when you have the lowest number of users connected. That way, you can plan and schedule your maintenance without interrupting your users, for example, by scheduling it late at night or over the weekend.

Syskit Monitor also monitors addresses. You can see if users are connecting to your infrastructure at odd hours and using different IP addresses, since you may have trouble heading your way if someone has stolen an employee’s identity.

The trial version is free and fully featured for 30 days! For any additional information or questions, feel free to reach out to our Support team.

Subscribe to our Newsletter

Related Posts