I found many ways to figured it out on my own. Here is few details:
I am able to save user login details on that remote machine. but the issue is not to capture but get notified for that activity. I want to right down script get that details and send it to other database server that can be seen on webui {monitoring screen} researchers may have that done before but its a finding needle in wool. I got right direction in starting and start writing for it. no result.
Any one have idea, from where to start?????
Any tool,source code can be helpful to handle this type activity and put all ideas on screen. thanks
1.) standard monitoring
Expose required metrics through SNMP e.g. http://www.net-snmp.org/wiki/index.php/Tut:Extending_snmpd_using_shell_scripts and use standard Zenoss SNMP monitoring (graphs, thresholds, triggers, notifications). Probably also WMI provides similar extend functionality.
2.) instant notification
Generate trap, when login happened and send it to Zenoss - it will create event in Zenoss (it's not real metric, it's only event)