RMS200413: How to implement the application usage agent of the Managed Device

 

Installation

By default, the application usage agent is disabled on managed devices (MDs). To enable it during installation:

  • Locate the [Usage Agent] section with the mgssetup.ini file.
  • Remove the semi-colon (;) from the front of the following line:

;USAGEAGENT_DISABLE = False

 

For existing MDs, the following option should be set within the relevant MD settings package: 

 

Agent Configuration

For detailed information refer to the Application Usage Metering chapter of the 'DiscoveryGuide.pdf' which comes with RMS. 

Below is a watered down version of what needs to be done to get the AUAgent working in a TEST environment. 

Note 1:  Increase the version number of this package before redistributing it. 

Note 2:  If you find during testing that the amount of uploads has dramatically increased, then you can either increase the value for the Upload period in seconds option or set the Enable upload within usage agent option to false for production. 

Note 3:  If you find that any of the other options that have values in seconds to be too aggressive during testing, then make sure to change their values for production. 

 

 

Schedule

Create the following user schedule trigger: 

Distribute the schedule so that the MDs receive the new event. 

Note:  If ManageSoft policies are being used, then an actual scheduled task will need to be created for each user that runs that EXE on a regular basis (via an RMS package, GPO, or other means), as a MD can only be targeted by one ManageSoft policy and an ManageSoft policy can only be associated with one schedule. 

 

Monitoring Web Applications

If users utilise Microsoft's Internet Explorer as their web browser, then its possible to monitor this application by creating registry entries on each MD similar to the ones below: 

Deploy these registry settings to the relevant MDs. 

Note:   If new mappings are added to the registry, then the 'Security Manager Service' service will need to be restarted as part of that action in order for the usage agent to include them in its process monitoring. 

 

Manual Mappings

A manual mapping allows you to target applications that are either excluded by an agent option or if you do not wish the agent to target all applications, by creating registry entries under the following key: 

Full details can be found within the previously mentioned chapter. 

Note:   If new mappings are added to the registry, then the 'Security Manager Service' service will need to be restarted as part of that action in order for the usage agent to include them in its process monitoring. 

 

Application Usage by Application report

Usage data is displayed for each application: 

Drilling down displays the list of MDs that the tracked application has been used on: 

Drilling down further allows you to see the actual usage time on a specific MD: 

Application Usage by Computer report

This report displays a list of MDs that have usage data associated with them: 

 

Drilling down lists all applications pertaining to that particular usage session: 

 

 

 

 

 

Comments

Powered by Zendesk