Hi,
When a MKS ticket is granted it provides useful security information about who is accessing the console on which Guest Host.
However, this does not give any idea of when the user stops using those resources. You can look at the overall login/logout - but
this is imperfect, and there are too many variables about how the user may be working for this to be straightforward or functionally
meaningful.
Is there a way of augmenting the logging to show that the MKS session is ended somehow?
... Or ...
Is there a way to query the session automatically? eg. Via API....?
regards,
Simon
This an interesting question and to which I don't know the answer. My thought would be an MKS ticket that has been granted is time sensitive and therefore the expiration date is known assuming the user is not granted another one. Operating on that premise, one way I'd go about building a system to track this would be to capture the relevant logs using Log Insight and build the extracted fields and alerts to pull this information. Once the MKS ticket is granted and this is captured, a web hook could then be sent to an external system to calculate the expiry time. It could then be acted on appropriately. This clearly involves external logic because vRLI is incapable of these types of computations internally, but it can at least act as the firing system.
Hi,
Thanks for your response. I certainly have the means to do what you are saying. It may very well do what I am looking
to achieve because, at the end of the day I am just trying to limit the manual steps to find people if their MKS ticket
assignment correlates to a particular unix login of interest ( special proprietory circumstances ). So if it's all I can
achieve I will just try to achieve a weighted list of candidates.
Once again - thanks very much for your help.
regards,
Simon