I've got a requirement to alert when any of the windows server doesn't allow RDP, Linux server or Network device doesn't allow Putty connection. Can this be achieved with any Event ID monitoring in windows or process ID monitoring in Linux/Network devices ? Or will it have to be any SWQL query ? If so, any idea on what and how that query will be ?
For windows there is the SAM template: Windows Remote Desktop Services
It checks a lot of things, the two most important are that the service is running and that the port responds
You can get the same thing on linux, checking for the sshd process and checking tcp port 22.
Disclaimer: These tests don't actually authenticate, so they are not 100%. What we need are "User Experience" monitors. We can get user experience for SSH using scrips, but I don't have a clue how to do it with RDP.
Thanks Brian. That was insightful. Please do share the user experience script for SSH. Also I suppose there is a possibility wherein RDP service might show as running but the server is hung.
Unfortunately there is a lot of ways to do this, my method for this is antiquated using plink and ssh keys. If I were doing this new today, I would probably use Powershell+OpenSSH
Here is an article on powershell and OpenSSH:
Use the SAM component for powershell scripts
Make sure on the monitoring template that you set the polling method to "agentless" so your not trying to execute powershell on the remote linux system.
I would create a login on the linux system called like OrionSSHTest
I would add the following two commands to the bottom of ~OrionSSHTest/.bashrc
echo -e "Stastic: 0\nMessage: Success\n"
Sorry I don't have it spelled out in detail, this is a case of "do as I say not as I do".
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process. Learn more today by joining now.