Ad Widget

**asb2106** · 04-06-2019, 17:23

Did you find any resolution to this? I am on a similar path myself.

**zabbixisfun** · 04-06-2019, 18:45

asb2106

download python
and save my script below as a .pyw (no console)

Yes I ended up writing a python script that produces a log file that zabbix can monitor. It works like this:

0. install on target windows pc and place on startup
1. loops verification of a x coordinate
2. loops verification of x coordinate 2 seconds later.
3. compares X coordinate values
4. if coordinates differ = output log is created.

Zabbix
5. Zabbix monitors output logfile for changes
6. C:\scripts\logfilename

Item Key

vfs.file.cksum[C:\scripts\se_track.txt]

with

Trigger
{SE_OS:vfs.file.cksum[C:\scripts\se_track.txt].diff()}=1

Code:

#name: Brandon R.
#version: v1.0
#description: Track mouse movement and create 'file' to be monitored by zabbix network monitoring services

from ctypes import windll, Structure, c_long, byref
import time

class POINT(Structure):
    _fields_ = [("x", c_long)]

while True:
    #Get x coordinate of cursor
    def queryCursorPosition1():
        pt = POINT()
        windll.user32.GetCursorPos(byref(pt))
        return { "x": pt.x}
    pos1 = queryCursorPosition1()

    #Get x coordinate of cursor a few seconds later
    time.sleep(1)
    def queryCursorPosition2():
        pt = POINT()
        windll.user32.GetCursorPos(byref(pt))
        return { "x": pt.x}
    pos2 = queryCursorPosition2()

    #Print movement 'detected' if x coord do not match past x coord
    if pos1 != pos2:
        print("Movement Detected")
        print(pos1)
        print(pos2)
        print("---")


        f= open("se_track.txt","w+")
        f.write("X1: %s X2: %s" % (pos1, pos2))

The zabbix stats are a bit scewed because it records as a error + fix so you end up with 2 counts for every interaction.. but the data is there and you would just divide by 2 getting an accurate result. Be nice if zabbix added a feature like this to the agent

**asb2106** · 05-06-2019, 15:23

This is awesome, FANTASTIC, thank you very much for sharing. I will report my findings.

Originally posted by zabbixisfun

asb2106

Yes I ended up writing a python script that produces a log file that zabbix can monitor. It works like this:

**zabbixisfun** · 05-06-2019, 18:59

asb2106 Oh and in Zabbix I used

Item Key

vfs.file.cksum[C:\scripts\se_track.txt]

with

Trigger
{SE_OS Windows_Tracking:vfs.file.cksum[C:\scripts\se_track.txt].diff()}=1

Ad Widget

Window 10 User Activity Alerts (Mouse/Touch/Interaction)

Window 10 User Activity Alerts (Mouse/Touch/Interaction)

Comment

Comment

Comment

Comment