In our previous post, Terminal Server Logging on Workstations Is Important Too, we discussed why the monitoring of Remote Desktop Sessions on workstations should not be neglected. Now, let’s take a look at some of the reports built into Remote Desktop Reporter that can track that sort of activity.
The Terminal Server User Sessions Hourly Activity Report (click to view sample) is a wonderful way to track the hours of the day when a user is active in a particular Remote Desktop session on a particular workstation. Paired with a filter that restricts the report data to a particular user, and a particular hour range in the day (e.g. normal business hours versus after hours, for instance), it’s easy to spot activity that is out of the ordinary.
Next, The Terminal Server Performance User Bandwidth Report (click again to view sample) provides you with RDP traffic statistics by user and server for each user session. Both the total bytes transferred and the average number of bytes/sec over the Remote Desktop Protocol are displayed, so it is easy to pinpoint users who are consuming the most bandwidth in their sessions, and/or highlight a particular user session that used a much greater amount of bandwidth then most.
Finally, The Terminal Server Client Workstations and Addresses Report (click to view sample) displays all of the remote workstation names and IP addresses each Remote Desktop User is associated with. Utilizing this report, you can quickly find out if your users are using non-corporate issued devices, or connecting from a previously unrecognized IP address.