Kaseya Managed Services Software - Release Notes

Help File for Cloud Services Depot Kaseya Software

New features in Kaseya Backup and Disaster Recovery (v3.1.0.0)

Local Disk Consolidation of Synthetic Full Backups

A large number of issues with synthetic full backup are caused by network locations dropping packets. BUDR 3.1 checks for sufficient space on the local disk, copies the files locally and performs the consolidation, then copies the backup back to the NAS. Consolidation using the local disk dramatically improves the reliability of synthetic full backups. Sufficient local disk space is required to implement this solution. If not enough disk space is available, then remote consolidation is performed.

Queued Installs

Previously, installing the BUDR client on multiple machines simultaneously slowed down the network, and in some cases, resulted in failed installs. This enhancement limits the number of simultaneous downloads to prevent this problem. If you schedule too many backup client installs at once, then some of the installs are queued up until the downloads for the prior installs finish.

Updated Build of Acronis

BUDR 3.1 now includes Acronis 9.7-8218.

Error Status of Offsite/Local Server on Status Page

The Backup Status page now includes the error status of Offsite Servers and Local Servers. This means you can immediately tell if an Offsite Server or Local Server is offline by looking at the standard BUDR landing page.

Last Backup on Backup Status Table

The Backup Status table on the Backup Status page now shows when the backup last run, instead of just informing you that it ran "sometime" in the last 24 hours.

Local Server > Status Last Checked

The Local Server page now includes the date and time the status of local server was last updated.

Other Backup Products Installed Warning

Other backup products often conflict with Acronis, causing corrupted backups or hung systems. The Backup Status page now includes a warning when machines have both Acronis and other backup products installed.

Allow Synthetic Backups when Replication Directory is Subfolder of Image Location

If your backup image location was \\nas\share\backups and you wanted to use Offsite Replication to replicate just one machine, you might consider replicating \\nas\share\backups\<agentGuid>, where <agentGuid> is the Agent Guid of the machine you wish to replicate. However, BUDR 3.0 would not recognize backups located in subfolders when performing synthetic full backups and full backups would be replicated completely. BUDR 3.1 now enables full synthetic backups to be replicated correctly when specifying a subfolder of the image location.

Verify Does Not Mark Backup as Invalid

Automatic verification can fail for numerous reasons, such as a machine rebooting during the backup or the network image location going offline. In BUDR 3.0 if this happened, the verify would fail, and then the backup would be marked as invalid, no longer allowing you to mount, restore, re-verify, or convert the image to a VM. With BUDR 3.1, the failed verify is still logged, but the backup still shows up on those pages as a possible backup choice.

New features in Kaseya Backup and Disaster Recovery (v3.0.0.0) 3 December 2008

Synthetic full backup

Option to allow synthetic full backups which combines a base full image and incrementals to create new base full image. This option is enabled on the Schedule Volumes page and greatly reduces network bandwidth for performing local ‘full’ and for offsite replication.

64 Bit Support

Adds support for installing backup clients on Server 2008 and all Windows 64bit operating systems.

Offsite Status

Offsite status now reports files moved offsite, files remaining to be moved offsite and byte

Offsite Performance

In conjunction with synthetic volume backup, offsite will have significantly lower bandwidth requirements by moving only incrementals.

Offsite Ports

Offsite server ports are now restricted to between 1024 and 49151.

Restart Icons

Restart icons have been added to the Local Server and Offsite Server pages to quickly restart their respective services on a local server or offsite server.

Retry for Image Verify

Retry for data reads with image verify greatly reduces verify failures due to network latency.

Restore- Virtual Disk Conversion

Option to convert .tib files to VMWare VMDK and/or Microsoft VHD format allows for Physical to Virtual conversion or recovery to virtual machine.

Image Encryption

Additional security on disk images is provided via image encryption. This option on the Image Password page provides aes128, aes192 or aes256 encryption.

VSS Support

Improved integration with Microsoft Volume Shadow Copy Service for reliable backup of active servers.

Universal Restore

Provides a range of ISO build versions for reliable restores on a broader range of hardware configurations.

Dynamic Disk

Backup and recover dynamic volumes including recovery of dynamic volumes to basic volumes.

Backup client update

Customers are not required to install the new BU-DR client to keep using backup. BU-DR will work with a mix of BU-DR client versions 9.1 and 9.5 (the new client version). However, in order for the endpoint to take advantage of the new features including encryption, synthetic backup and image conversion, the endpoint must be updated to the new version of the BU-DR client software.

Agent Update

Customers need to update the Kaseya agent to to cancel a backup with the new 9.5 client. Kaseya recommends deploying the new agent to all systems that have the new backup client software. Use the “Force update even if agent is at…” option to force the agent to update to

New features in Kaseya 2008 SP1 (v5.1.0.0) - 7 September 2008

Audit - System Info

Entering data into a manually added field in System Info as http:// or https:// displays the data as a URL link. To manually add a field click the Show More button, then click the New...* button.

Audit - Documents

The Documents function, located on the Audit tab, can now be accessed as a new tab in the Machine Summary interface. The Machine Summary interface displays when you click any agent status icon.

Scripts - Mac OSX Agent

The Mac OSX agent has been improved to handle installation and log off conditions on all platforms up through OSX 10.5.4. Mac OSX agents are now able run the Execute Shell Command and Execute File script commands as either "system" or as "user" using user credentials. In the initial release of the Mac agent, these commands always ran as "system".

New Sample Reboot Scripts

New sample scripts have been added to support several reboot scenarios:

· Reboot-Ask-No: If user is logged in, ask if it is OK to reboot; assume no after 5 min. If user is not logged in, go ahead and reboot. This script calls Reboot-Ask-No-2 to ask the user.

· Reboot-Ask-Yes: If user is logged in, ask if it is OK to reboot; assume yes after 5 min. If user is not logged in, go ahead and reboot. This script calls Reboot-Ask-Yes-2 to ask the user.

· Reboot-Nag: If user is logged in, ask to reboot every 5 minutes until the user allows the reboot. If user is not logged in, go ahead and reboot. This script calls Reboot-Nag-2 to ask the user.

· Reboot-No-User: Reboot the machine only if a user is not logged in.

· Reboot-Warn: If the user is logged in, warn the user that a reboot will happen in 5 min. If the user is not logged in, go ahead and reboot. (Schedules reboot script 5 minutes from now.)

Dashboards - Alarm Count

All alarm dashboards with an alarm count now pull data from a rollup count table allowing for a more efficient query and update of the dashboard.

Event Log Collection

Prior to this release, when the VSA detected a flood of event log items, the VSA disabled collection of the entire class of events (Error, Warning, Informational, Success Audit, Failure Audit) for a log type on that machine. With this release the VSA introduces two new techniques to better manage certain events from overwhelming the system:

  • Global event log black list - A small number of event types from a handful of machines can overwhelm and cripple your VSA server with volume. Typically the offending event is of little or no value to the administrator. With this release, each agent will continue to process all events, however events listed on the black list will not be sent up to the VSA server. This should effectively cure the flood problem and prevent automatically disabling event log collection on any machine. Alarm detection and processing operates regardless of whether entries are on the collection blacklist.
  • Flood detection - Flood detection is still in place but the action taken has changed. No longer is processing permanently disabled. Instead, after 1000 events (not counting black list events) in one hour are sent to the VSA server, further collection of events of that log type are stopped for the remainder of that hour. A new event is inserted into the log to record that collection was suspended. At the end of the hour, collection automatically resumes. This technique prevents short term heavy loads from swamping your VSA server. Note that these techniques only affect collection. Alarm detection and processing operates regardless of whether collection is suspended.

Monitor Log, SNMP Log

Added start date and time to monitor log display allowing for more flexibility when searching log data.

Ticketing - View Summary

  • Changing multiple tickets - You can now change any field on multiple tickets at once. On the View Summary function, check the box for all tickets you wish to change a field value for. Then click Set Field The next screen lets you set a new value for any or all of the fields.
  • Search for phrases enclosed by double quoted strings - The search function looks in all text fields and notes returning all tickets that contain all the elements of the search string. Search string elements are delimited by spaces. Previously this prevented you from searching for phrases. Now you can include phrases as an element by enclosing multiple words in double quotes. WARNING: double quoted strings must be matched exactly. If you enter two spaces together in a double quoted string, then search only returns tickets containing the two spaces.
  • Preview Tickets - Hovering the mouse over a ticket's preview icon displays the ticket in a quick pop up window. Use the preview function to quickly go through all your tickets without having to open each ticket.
  • Auto submit checkbox - Checking this box automatically re-displays the View Summary page every time one of the field filters changes. If unchecked, change multiple field filters, then click Submit. The page now processes all the field filter changes at the same time and redisplays the page once.

Ticketing - Create/View

The View Ticket function name has been renamed to Create/View to better indicate this is the place to go to create new tickets.

Ticketing - Notify Policy

You can now format/customize additional ticket notifications. On the Notification Policy page click the Format button next to the following options to customize the notification email format:

  • Edit Summary
  • Assignee Change
  • Field Change
  • Due Date Change
  • Send auto response to emails creating new tickets

Ticketing -

Access Policy

On a per administrator role basis you can now control access to:

  • Editing submitter information
  • Changing the machine ID associated with a ticket.

Ticketing -

Assignee Policy

Assignee Policy is similar to Due Date Policy. It lets you automatically assign a ticket to an administrator based on the values from an combination of the list fields.

Ticketing - Email Reader

The sender's name is now pulled from the From address in the email header and set as the username in a newly created ticket. Tickets containing no message body and no attachments are now suppressed in place of adding a note that states "No response text provided"

Patch Mgmt -

View Definitions

Seven new filter options related to Patch Management have been added:

· Machines having no patch scan results (unscanned)

· Machines with Reboot Pending for patch installations

· Machines with Patch Test Result

· Machines with Patch Automatic Update configuration

· Machines with Patch Reboot Action configuration

· Machines with Patch File Source configuration

· Machines missing a specific patch (identified by the patch's 6 digit KB Article ID)

Patch Mgmt - Scan Machine

Removed the option for master administrators to schedule a refresh of the patch database that only applies to legacy systems no longer supported by Microsoft and to download the latest Office Detection Tool (ODT). An automatic background process now executes daily to ensure the latest ODT is downloaded to the KServer.

Patch Mgmt - Patch Scan Results Processing

· Moved the processing of patch scan results from the general background process to its own separate background process and added process throttling. This improves overall system response and alert processing time when there are hundreds of machines with updated patch scan results.

· When processing patch scan results, a new script is generated and executed to bring the KBxxxxxx.log and the WindowsUpdate.log up to the server for any patches that are reported as "failed". These logs are occasionally useful in troubleshooting patch installation failures. The logs are found in the Get File function under the Scripts tab for the specific machine. The script log for each machine contains entries indicating that these log files have been pulled up to the server as appropriate.

Scripts - Patch Deploy

The patch installation script generated by the Patch Deploy Installer Wizard now schedules a patch rescan for execution right after the next reboot. This ensures the proper reporting of a patch's status without having to manually run a patch scan on the machine.

Patch Mgmt - Patch Installation Scripts

When patches are executed in a patch installation script, an entry is made in the machine's Script Log. Modified the log entry to include the patch title in addition to the KB article number/security bulletin number.

Patch Mgmt - Patch Scan Script

Added a new script ("Patch Scan") that is available in the Script Editor when either Execute Script or Schedule Script is selected. This "Patch Scan" script can be used to schedule a patch scan as part of a custom script. It will execute the appropriate patch scan script for the selected machine.

NOTE: Running the Patch Scan script executes only one of three secondary patch scan scripts. Each of the three secondary patch scan scripts is appropriate for the selected machine. When the Patch Scan script is run, you will see an entry in the script log and in the Pending Scripts tab of the Machine Summary interface for one of the following: "WUA Patch Scan 1 (x86)", "WUA Patch Scan 1 (X64)", or "Legacy Patch Scan".

Patch Mgmt - Windows Auto Update Scripts

The "Disable Windows Automatic Update" and "Reset Windows Automatic Update" system scripts are now available in any Script Search popup and the Script Editor when either Execute Script or Schedule Script is selected. Since it is not possible to configure a template account with a specific Windows Automatic Update configuration, exposing these two scripts as system scripts now allows an administrator to schedule these scripts for any machine, including template accounts, from the Pending Scripts tab of the Machine Summary interface or to add the execution of these scripts in any other script such as a custom machine setup script.

Patch Mgmt - Initial Update

· Removed the "Skip if machine offline" checkbox. Due to the nature of Initial Update processing, this option is not applicable.

· Added warning for machines that are not a member of a Patch Policy so the administrator knows ALL missing patches will be installed.

· Changed processing order to: (1) Windows Installer, (2) OS related service packs, (3) OS update rollups, (4) OS critical updates, (5) OS non-critical updates, (6) OS security updates, (7) Office service packs, (8) Office update rollups, and (9) All remaining Office updates.

Patch Mgmt -Pre/Post Script

Modified the Pre/Post Script function to include template accounts so the script assignments can be assigned via Agent Copy Settings and Agent Import/Export Settings.

Patch Mgmt - Automatic Update

· Added warning for machines that are not a member of a Patch Policy so the administrator knows ALL missing patches will be installed.

· Added new "Run Once" scheduling option, selected from the Daily/Weekly/Monthly drop-down list, to schedule a non-recurring one-time scheduling for automatic updates.

Patch Mgmt -Approval by Policy

Modified screen layout to support the following enhancements:

· Added the capability to copy approval statuses from the current policy to another selected policy. This was added to support those customers who perform patch testing against a group of test machines using a test policy. Once testing has been completed and the patches have been approved/denied as desired, use the copy feature to copy only the approval statuses from the test policy to a production policy.

· Added the capability to override the default approval status in a policy for patches that are classified as "Manual Install Only" or "Windows Update Web Site". Checking the option checkboxes at the bottom of the table sets existing updates of these types as denied in the policy and ensures future updates of these types in the policy are automatically denied.

Patch Mgmt - Reboot Action

The default value for a machine is now "Skip reboot if user logged in" rather than "Reboot immediately".

Patch Mgmt - Patch Download Location Override

An automated patch update (patch) location override service has been added. This service applies to patches that cannot be downloaded successfully using the original patch download location provided by Microsoft. This service identifies patch download locations (URLs) identified during WUA Patch Scans that are candidates for override location URLs. Candidates are those updates which the WUA Patch Scan reports as multi-file installation packages or as CAB file installation packages. When a new candidate update is identified, an email notification is sent to Kaseya with the update details. These details are used by Kaseya to identify a single executable file installation package. If one exists, an override location URL is added to an override location database (XML file). This override location database is automatically downloaded and processed by a background process every four hours.

The email notification that is sent to Kaseya contains no information other than selected update (patch) data elements from the Microsoft Update Catalog via the WUA Patch Scan. It is possible to disable these notifications by unchecking the checkbox next to "Enable Invalid Patch Location Notifications" on the Configure page under the System tab. If blank, no notification is sent to Kaseya. You will still receive updated patch location overrides prepared in response to notifications reported by other customers, regardless of this setting.

A new patch location warning, "Patch Location Pending", might be observed on the Machine History, Machine Update, Patch Update, and the Patch Details pages. This warning indicates that the update (patch) does not yet have a valid download location URL and it cannot yet be installed. This warning is removed once an override download URL has been provided by the override location database.

K-VNC for Mac OSX

The K-VNC for Macintosh machines has been updated to RealVNC Enterprise version 4.4.2.

Note for OS X 10.5 users - After the first time install of K-VNC, the system must be rebooted before remote control sessions may be established. Remote control sessions to 10.5 requires that a local user already be logged onto the system.

K-VNC for Windows

The K-VNC for Windows machines has been updated to RealVNC Enterprise version 4.4.2.

Remote Control - Terminal Server

This release adds two enhancements to remote control using terminal server.

  • When sharing disks, you can now restrict the drive letters shared to a limited list. Set Parameters lets you list the drive letters you wish to expose to the remote machine. Use this to share D: without exposing C:
  • The window title now includes the machine ID you are remote controlling. This is helpful when you have several terminal server sessions open at once.

Remote Cntl > Send Message

You can now identify the currently logged on user of a machine before sending a message to that machine.


Backup is now a separate installable module (BUDR.exe). On install of the 5.1 update, BUDR.exe is installed if either (a) there are some backup licenses or (b) there are some installs of backup.

Backup - Schedule Folders

The schedule folder page no longer allows scheduling a folder backup if the Image Location is not configured

Backup - Image Location

When clearing the Image Location, scheduled backups for that machine are removed.

Backup Report

Separate backup counts are displayed for succeeded/failed/warning/cancelled in the header of the backup report.

Reports - Executive Summary Report

Calculations for the Network Health Score for Operating Systems have been changed. Score thresholds were changed from Vista, 2003, XP, 2000 to Vista/2008, XP/2003, 2000, Mac OS. This means the OS thresholds are basically for "Windows 6.x", "Windows 5.x", "Windows 4.x", and "Mac OS".

NOTE: Customers should check their currently saved executive summary reports and adjust the scores as desired for the OS Score.

Reports- User State Management Power Savings Report

Added a new report for licensees of the User State Management module to calculate actual and possible savings from managing computer power settings with the Power Policy feature of User State Management.


Agents are now supported on Windows Server 2008.

LAN Watch - Active Directory Harvest

When performing a LAN Watch on a primary domain controller, you can now optionally enable/disable the harvesting of AD users and AD computers.

Active Directory- paging

Added paging capability to the "View AD Users" and "View AD Computers" pages.

Temp Directory

Master administrators can now set a system wide default for the agent temp directory.

Copy Settings

  • The status column now displays the machine name that settings were copied from and the time they were copied.
  • Added the ability to copy User Profile information in Copy Settings.

Update Agent

You can now schedule a script to run immediately after an agent update completes. This capability lets you reapply any customizations you have made to managed machines that are lost after an agent update. Typically agent customizations involve renaming or hiding agent identifiers to prevent users from being aware that the agent is installed.

Log Archiving new partition tables using bcp

Partition tables have been added to help manage large amounts of log data for the following tables: nteventlog, monitorCounterLog, monitorProcessLog, monitorServiceLog and monitorSnmpObjectGeLog. A partition table is created every day for each log, for example nteventLogYYYYMMDD. Archiving the partition table uses the Bulk Copy Program (BCP) to efficiently move the data from the database to an archived text file. The archiving is based on the maximum value for that specific log found in Agent -> Log History.

NOTE: The server name is setup using the computer name during installation of SQL Server. If you change the name of the server you need to use sp_addserver and then restart SQL Server. If the computer name has been changed since the original installation then the bcp command will fail because the -S parameter is using the <servername\instancename> that was the <computername\instance> at time of installation.

Function Access - Messages and Tasks

You can now enable/disable access to both the Messages and/or Tasks panes shown in the View Dashboard page of the Home tab on a per administrator role basis. Select Function Access under the System tab to set these rights.

Function Access - Documents

You can now enable/disable access to document deleting and document uploading on an administrator role basis. Select Function Access under the System tab to set these rights. Documents are managed using the using the Audit > Documents page.

System - Configure

A new checkbox exists on the Configure function used to force an automatic redirect to use SSL when ever anyone attempts to log into your system via http. To activate, check "Automatically redirect to https at logon page".

Installer / Updater

The Kaseya Server installer and updater now pulls the latest hotfixes prior to the final step of reapplying the database schema.

Third Party Copyrights

A new Third Party Copyrights button displays in the System > Configure page, next to Release Notes and Show License. This information identifies open source and third party software licensed for use by Kaseya.

Database Views - Patch Views

An "InstallationWarning" column has been added to the following views:

  • vPatchApprovalStatus
  • vPatchPolicy
  • vPatchStatus.

The column returns 'Manual Install Only', 'Windows Update Only', 'Product Upgrade Only', or an empty string as appropriate.

Database Views - System Status Functions

Added three new SQL user-defined functions (pseudo-parameterized views) to return the counts displayed in the operating system pie chart and the missing patch pie chart seen on the View dashboard page under the Home tab. These functions are used just like views. Refer to the help topics under Database Views for:

  • fnOSCounts()
  • fnMissingPatchCounts_NoPolicy()
  • fnMissingPatchCounts_UsePolicy()

VSA API Web Service

New features in Kaseya 2008 (v5.0.0.0)- 10 March 2008
Monitoring, Active Directory, State Management, and more

Agent Icon

The agent icon will always remain visible in the system tray for systems configured to show the icon. Prior to this release, Windows would hide the icon if it had not been accessed in a while.

Status Icon

Added a new status icon to represent that an agent is online and that someone is logged into that machine. If someone is logged in, then the tool tip for the icon lists the login name.

Machine ID / Group ID filter -

Machine Count

The machine ID / group ID filter area now lists the number of machines matching the current machine/group/view filter. Use this information as a quick reference to identify the number of machines potentially effected by any action.

View Definitions - Collections

Collections are now defined using the View Definition window in the machine ID / group ID filter. A new check box labeled "Only show selected machine IDs" lets you specify an arbitrary list of machine IDs seen when using this view. Collections, as with all View Definitions, can be private, shared or public.

View Definitions - Missing Patches

The View Definition window includes a new "Use Patch Policy" check box showing machines missing patches greater than or equal to a specified number to optionally apply the patch policies. If this box is checked, only missing approved patches will be counted.

View Definitions - Patch Scan Options

The View Definition window includes the following new options for patch scan scripts:

  • Patch scan scheduled / not scheduled
  • Patch scan success / failure
  • Patch scan has / has not executed in last x minutes/hours/days

All alert email functions have database access

All alert email functions now include data pulled from the database. The same format provided in the Get Variable script function may be used in any alert formatted as follows: <db-view/column>. For example, to include the computer name of the machine generating the alert use <db-vMachine/ComputerName>

SW License

The Audit > SW Licenses function highlights when duplicate licenses are found on the same group. The duplicate license count is now a link that lets you drill down and get a list of machines that share the same license code.

Machine Summary

Added the following to the Machine Info tab:

  • currently logged in user
  • domain/workgroup
  • Last check in time
  • last reboot time
  • first check in time

Added new log type Log Monitoring

Machine Summary -

New Ticket link

The Machine Summary page now includes a New Ticket link at the top of the page. Clicking the link opens a new ticket assigned to this machine id. An optional interface allows you to configure this link to access external systems as well. See the Machine Summary online user assistance topic for details.

External Link to Machine Summary

The following URL displays the Machine Summary web page for a specific machine ID: http//servername?machName=MachineID.groupID
You are first prompted to login, if you are not already.


The application Packager function used for creating custom installations now supports output packages larger than 2 GB.


The Distribution function, under the Scripts tab, histograms the recurring schedules for scripts. This function quickly highlights potential server loading by showing peaks where multiple machines are scheduled to run the same script at the same time. This release adds a drill down capability to the histogram such that you can click any peak on the histogram and get a list of machines that make up that peak.

Scripts -CheckVariable - Evaluated Expression

A new script IF EvaluateExpression command evaluates expressions consisting of script variables from a parent script and six mathematical operators +, -, *, /, (, and ) to perform the comparison to determine whether to execute the THEN or ELSE statements. For example, you can evaluate the expression

IF (#variable1# + #variable2#) * 100 > #variable3#

where the variables contain numeric values from a parent script that obtained them using GetVariable commands.

Scripts -

OS Type

The OS type selection for script steps now includes the options for "Mac OS X" and "All Windows Operating Systems".

Scripts -


A new option sends an alert for the GetFile script command when the file is identical to the one that was retrieved the last time.

Scripts -

GetVariable - Expressions

Added the ability to specify an expression that consists of script variables and six mathematical operators +, -, *, /, (, and ) that will be evaluated and assigned to a new script variable. For example, ((#variable1# + #variable2#) + 17.4) / (#variable3# * 4). The script variables must contain numeric values.


GetVariable - WMI Values

Added the ability to specify a WMI namespace, class, and property and assign the retrieved value from a managed machine to a script variable. The format of the specified WMI property is NameSpace:Class.Property<. For example, root\cimv2:Win32_OperatingSystem.FreePhysicalMemory

Scripts -

Set Registry Value

Added ability to set registry values with the data type REG_MULTI_SZ. Separate each string with the two character sequence of "\0". Use the three character escape sequence of "\\0" to include "\0" as part of a value string. This capability requires the Kaseya 2008 agent.

Dashboards and Dashlets

Added a new Dashboard List function to manage configurable monitoring windows called "Dashboards". Each administrator can create their own dashboards and add one or more custom "Dashlets" in each dashboard. Each dashlet has the following customizable attributes; position, size, machine filter, header and refresh rate. Dashlets include:

  • Alarm Summary
  • Alarm Rotator
  • Alarm Ticker
  • Network Status
  • Group Alarm Status
  • Monitoring Set Status
  • Monitor Status
  • Machines Online
  • Top N - Monitor Alarm Chart
  • KES Status
  • KES Threats

Alert -
Format Alert Email

The Alert > Agent Status > Format Alert Email window now has two new formats. One for a single machine going offline. The second when multiple machines in the same group go offline. Note that a separate alert is generated for each machine group.

Pre-Packaged Monitor Sets and Event Sets

Kaseya 2008 features a wide variety of performance and service monitor sets and event sets. These sets monitor server and workstation performance objects including SQL, Exchange and other key performance objects such as DNS, DHCP and disk drives. Event sets monitor the Windows event logs for a variety of application, security and system event entries. Events set alerts are defined using Monitor > Alert > Edit Event Sets. Sample monitor sets and events sets are loaded with the installation of Kaseya 2008 or by using the System > Configure page. Sample monitor sets and sample event sets can be identified by the naming convention. Each name begins with ZC-.

Monitor Set Naming Example:

ZC-SV3 - DHCP Server - DHCP Services

Event Set Naming Example:

ZC-CM1-E1 Antivirus Events

Monitoring - General

  • Alarms are now optional.
  • Alarm state (Open, Closed) and notes no longer exist for monitor alarms. This data is now a read-only log.
  • New alarm state data contains current state of monitor counters, services, process and SNMP. Alerts, system check and log monitoring data are not included in this state data.
  • Monitor view consoles are updated to use the new alarm state data appropriately.

Log Monitoring

Added new function to monitor the parsing of log files.

  • Ability to parse log files created from specific machines and syslogs from devices.
  • Ability to pull log data into custom field parameters for reporting.
  • New log called Log Monitoring to view and report on log data returned.
  • Added to monitor alarms with the new alarming criteria; if event happens once, if number events happen over a duration, and if an event doesn't occur for a duration.
  • Alarm is not required.
  • Added Log Monitoring to Logs report.
  • Added Log Monitoring list to Machine Summary.
  • Added Log Monitoring results to Executive Summary Report sections; System Activity and Network Health Score.

Windows Event Logs

Enhancements to Windows Event Logs:

  • Added support for all Windows event logs. Update List By Scan function pulls event log types from the machine scanned.
  • Added new Windows Vista event log types of Critical and Verbose.
  • Event Alerts - alarms are optional.
  • Event Alerts - added new alarming criteria, if event happens once, if number events happen over a duration, and if an event doesn't occur for a duration.
  • Event Alerts - Added re-arm time
  • Event log reports support all event logs.

Monitor Sets - Counters

In the Counter Thresholds tab of Monitor Sets enter an instance of *ALL for a monitor set object, as opposed to selecting *Total which combines the results. For example, if multiple drives are determined to exist on a machine, based on the Audit function, the monitor set with an instance of *ALL will dynamically select a counter for each drive.

Monitor Sets - Services

In the Services Check tab of Monitor Sets, select the *ALL selection to monitor all services set to automatic on a monitored machine, instead of having to address each service individually.

Monitor Sets - SNMP

In the SNMP Sets wizard in SNMP Sets select an instance of All to address each SNMP instance in an SNMP object separately. These instances are identified by the last SNMP walk perform during a LAN Watch.

SNMP Sets - Percentage Comparison

SNMP Sets now provides a percentage comparison of one SNMP Object to another, for example, if ifInErrors is greater than x% of total UcastPackets.

SNMP Quick Sets

An SNMP walk during a LAN Watch identifies all SNMP objects that apply to an SNMP device. Using Assign SNMP, you can click the link of a discovered SNMP device and create an SNMP "quick set" to monitor that device.

Monitor Sets and SNMP Sets -
Auto Learn

Monitor sets and SNMP sets can to set to automatically adjust their alarm thresholds based on real word data for a specfied time period. Once an auto-learn session has been completed, the alarm thresholds can be fine-tuned manually.

Monitor Sets and SNMP Sets -Individualized Sets

An "individualized" monitor set or "individualized" SNMP set can be created for a specific machine or SNMP device, based on a "standard" monitor set, a "standard" SNMP set or a "standard" SNMP quick set. From that point forward changes made to the individualized set apply only to the machine or device it is monitoring.

System Check - Custom Name

Added custom name to system check. The name is used in alarm and email format templates.

Email Reader

Ticketing > Email Reader can now be customized to ignore emails containing specific text strings. Use this feature to prevent ticket creation when emails are received from things like email bounces. Typical bounced emails contain the string "Undeliverable: ".

External Link to View Ticket

The following URL displays the Ticketing > View Ticket web page for a specific ticket:
You are first prompted to login, if you are not already.

Product Identification

Added a Product column to various patch screens to help identify the product category associated with the specific patch. Also added this attribute to the Patch Details screen. For those cases where a specific patch is used across multiple operating system families (i.e., Windows XP, Windows Server 2003, Vista, etc.), the product category is "Common Windows Component". Examples of the "Common Windows Component" product include Internet Explorer, .Net, Windows Media Player, MDAC, MSXML, etc. This attribute has replaced the patch name on those screens where patch name was previously displayed.

Patch Status -
Reboot Button

Added a "Reboot Now" button next to the "Reboot Pending" notification on the Patch Status page. Clicking the button schedules an immediate reboot on the machine. A confirmation dialog box is presented to prevent inadvertent reboots.

Automatic Updates

Added capability to schedule automatic updates on a monthly basis. Automatic Updates can be scheduled daily, weekly on a specified day of the week, or monthly on a specified day of the month (1-31).

NOTE: When processing monthly automatic updates, if the current month has fewer days than the scheduled day of the month, the automatic updates is processed on the last day of the month. For example, if the current month is April and the scheduled day of the month is 31, the patches are scheduled on April 30th.

Patch Alerts

Added a new machine level patch alert. This alert, when configured, is generated when the Windows Automatic Update Policy on the machine is changed to a setting (disabled, enabled, user control) that is different from that specified in the Windows Auto Update function under the Patch Mgmt tab. The Windows Auto Update function displays the current Windows Automatic Update Policy setting on the machine. This setting is obtained during each patch scan, and the alert is generated, if necessary, during the processing of patch scan results.

Patch Update

A "Patch Group By" dropdown list has been added to allow the user to change how the displayed patches are grouped. Before this release current grouping was based on the update classification and could not be changed. Now, the user can group by either update classification or product. The screen layout was modified to include both product and update classification in the presented data. Patches are still sorted by KB article within each grouping so that patches having the same KB article number are next to each other.

Patch Policy

Changes to approval/denial of patches include:

  • The former "collections" functions on the System tab have been moved to the Patch Policy section under the Patch Mgmt tab.
  • These former collections are now called "patch policies".
  • Standard administrators can only see patch policies that contain machines they have rights to see or patch policies they create. This should allow standard administrators to now safely manage patch polices without interfering with administrators restricted to a different set of machines.
  • When a new patch policy is created, all active patches in that policy are now automatically set to pending approval rather than the previous default behavior of approved.
  • The "Patch Approval" function has been renamed "Approve by Policy" to distinguish it from the new "Approve by Patch" function.

Approval by Policy - Group By

Modified the screen to be able to select the view of the status table based on update classifications or based on products. Both views are presenting totals from the same data source, so the total patch count for each approval status are the same, just distributed differently depending on the view selected. When a drill down is selected to the patch details page, the patches are grouped by the classification (sorted within classification by product) or by product (sorted within product by classification) based on the view selection.

Approval by Policy - Save As

Added "Save As" capability to copy the current patch approval policy as a new policy with identical settings. All patch approval/denial statuses are copied as are the default approval statuses for the policy.
NOTE: Machine membership is NOT copied to the new policy.

Approval by Policy - Default Approval Status

Default approval status can now be set for each update classification and each product within a patch policy rather than just for the policy. This allows setting patch policies to automatically approve selected update classifications such as security updates while automatically denying other update classifications such as service packs and automatically setting the rest of the update classifications to pending approval. It also allows setting patch policies to automatically deny patches for selected products such as Office 2000 while automatically approving patches for products such as Office 2007 while automatically setting patches for the rest of the products to pending approval.

NOTE: If there is a conflict between the two default values, the more restrictive default value is used. For example, if one default is denied, the patch is set to denied. If one default is pending approval, the patch is set to pending approval. Both defaults must be approved for the patch to be set to approved.

Approval by Patch

Added a new function under Patch Mgmt > called "Approval by Patch". The data displayed on this page is the same data available in "Approval by Policy". It is just displayed from the patch perspective rather than from the policy perspective. Approving or denying patches from this page provides an "approve or deny once" capability. Includes the ability to filter the list of patches.

NOTE: This function is only available for master administrators because it affects ALL patch approval policies.

KB Override

Added a new function under Patch Mgmt called "KB Override". Using this page, you can set a default patch approval status override (Approve or Deny) for a specific Microsoft knowledge base (KB) article. This override status is used rather than the patch policies' default approval status when adding a new patch to all patch approval policies. It also resets the approval status for the specified KB article in ALL patch policies. To add the KB override, a patch must already exist in the system with the specified KB article number.

NOTE: This function is only available for master administrators because it affects ALL patch approval policies.


A new option in Remote Cntl > Chat, "Automatically close chat window when either party ends chat" lets you control how the window behaves at the end of a chat session. Uncheck this box to leave the chat session open after the other side closes the window. This gives people a chance to read the last message or copy data into another file.


ActiveX installs all remote control views for the admin and the remote control server for the user when the admin uses the Video Streaming function. This can cause problems if the user's browser blocks ActiveX controls from running. With this release, if the user's browser detects the ActiveX control could not run, then the user is presented with a link to manually download and run the remote control package manually.


K-VNC is now supported on Windows 2000, XP, and 2003 in addition to Vista.

Backup Status

Added a new Backup Status dashboard, which provides:

  • A list of backups in progress including % complete
  • A backup summary pie chart showing scheduled, skipped, failed or cancelled backups
  • Backup status by machine showing status backups scheduled, skipped, failed or cancelled for each machine

The time period over which to collect results is selectable.

Backup Sets

Enhancements to backup set management include:

  • Option to delete backup set before running backup. This reduces the amount of disk space necessary on the backup server.
  • Additional folder and volume backup set data detail. Report now includes type of backup performed (full, incremental, differential) as well as the number of disk volumes backed up for volume backups.
  • Access to full log detail from backup set detail page via hyperlink.
  • Canceling a backup in progress using an option from the backup set detail page.

Backup Alerts

Alarms are now optional for alerts. Additionally, two new alerts have been added:

  • Skip recurring backup for offline machines. An alert is generated if a recurring backup is skipped on a machine a designated (user set) number of times
  • Alert when image location hard disk used reaches user defined number of Mbytes free.

Backup Logs

Enhanced error detection and recovery.

  • If the original full backup is missing when performing an incremental or differential backup, the backup is now reported as a full backup.
  • More robust detection of errors when end-user has uninstalled the Acronis agent locally

Reports -


Backup report now offers option to include or exclude machines without data.

Reports -

Patch Management

  • Added "Manual Install Updates" to patch management report filtering to include all patches that require manual installation, including those patches that can only be installed via the Windows Update web site.
  • Added ability to filter patch reports by either the existing standard filter selections or a custom filter for a specified comma delimited list of KB Article Numbers and/or Security Bulletin Numbers.
  • Added a summary table of machines and count of installed patches to the "Patches Installed in Last x Days" report segment.

Reports -


  • Added a new checkbox to the Logs report named "Preserve plain text formatting". Check this box to display plain text logs with the formatting from plain text files preserved in the HTML page.
  • New Log Monitoring Report - Reporting on data returned from the new log monitoring feature. Allows for filtering on log text and custom fields by log parser.
  • New Event Log Frequency Report - Report gives the most occurring eventIDs for the selected event log types for each machine ID.

Reports -

Monitor Action Log

New log describing the actions that occur when a monitor alarm threshold is met. Contains information on alarm created, ticket created, scripts scheduled, and emails sent.

Reports -

Event Log Frequency

New report displaying top number (N) of windows event logs per machine ID.

Reports -

Executive Summary

Added Log Monitoring to system activity.

Added Log Monitoring Custom allowing to count, total, average, min and max of log parser custom number fields.

Report - Monitor Action Log

Added monitor action log to monitor reports section.

DNS Computer Name

The fully qualified DNS computer name is now available for any machine that is a member of a domain. Members of workgroups return the computer name only in this field. Display the DNS Computer Name in either the Agent > Agent Status function or in the Aggregate Table report.

CPU Count

The CPU Count number, returned by audit, is now available on both the Agent > Agent Status function or in the Aggregate Table report.

Log History

Added capability for the following to be aged and/or archived:

  • Agent Log
  • Configuration Changes
  • Network Statistics
  • Script Log
  • Remote Control Log
  • Alarm Log
  • Event Log
  • Monitor Log
  • SNMP Log
  • Log Monitoring

The archiving of logs places log table data into text files. These text files are stored at a specified location and categorized by log table and machine ID.

Agent Install Packages - Standard Administrators

Standard administrators are now restricted to creating agent install packages using existing group IDs.

Macintosh Agents

A Macintosh agent is now supported. The agent type is specified in the Create Package wizard in the Agent > Deploy Agents function. If an administrator password is omitted from the Macintosh installation package, the installer prompts for administrator credentials during the installation as long as the silent option is not selected.

Rename Group

The Agent > Rename Group function under the agent tab, lets you rename any machine group ID or subgroup.

Rename Agent

Agents now check in using a GUID instead of the machine ID. Old agents can still check in using the machine ID and are fully supported except for renaming capability. Renaming now just changes the display name of the agent. The agent GUID stays the same. So in order to rename agents in the new system, the agent must be upgraded to Kaseya 2008 first.

Hide Common Computer Names

Typical laptop computers may have multiple MAC addresses and LAN Watch may detect both MAC addresses for the same laptop, for example, wireless LAN vs. direct connect LAN. So an additional checkbox has been added to hide machines that have a common computer name in the same group ID. Only the MAC address used by the agent to connect to the Kserver is reported.


This release supports Intel's vPro-enabled processors.

  • vPro enabled machines can be discovered using LAN Watch.
  • LAN Watch discovery can include an audit of the hardware assets of vPro-enabled machines.
  • Remote Cntl > Power Mgmt provides scheduling of power ups, power downs, and reboots of vPro-enabled machines.

Active Directory

LAN Watch has been extended to integrate with Active Directory. Running LAN Watch on a primary domain controller automatically discovers all computers and users listed in AD. Two new functions, View AD Computers and View AD Users, display Active Directory results. You may also deploy agents to Active Directory computers found by LAN Watch as well as update user information pulled from Active Directory.

AD Logon

Any user discovered by LAN Watch may be tagged as a new Administrator logon or User logon to the VSA using View AD Users. These logons are all authenticated by the domain controller the logon is attached to. So now you can use a single logon on both your network and the VSA, all controlled by Active Directory.

NOTE: You can remove both the Domain field and the Remember Me checkbox from the logon page by checking the appropriate boxes on the Logon Policy function under the System tab.

Copy Settings - Exclude Patch File Source

A new Agent > Copy Setting option, Patch File Source, lets you exclude or replace the patch file source. The patch file source is frequently a customer-specific setting and should not be overridden when copying settings.


The System > Migrate function has been replaced with a new Agent > Import/Export function. Exported accounts capture all machine settings, including script schedules, into an xml file. Use Import/Export to move settings attached to any agent. Note that Import/Export only moves settings and not data attached to a machine. Log data is not moved with Import/Export.

Suspend Agent

Suspend all agent operations (scripts, monitoring, patching, etc...) without changing the agent settings. Use Suspend to disable accounts without deleting the agent or modifying any of the agent's settings.

Admin Role Management

Administrator management has been enhanced with this release to allow non-master administrators to more securely manage other administrators. The administrator management functions under the System tab, restrict non-master administrators to only seeing other administrators that are members of the same roles. Note that master administrators rights may never be removed by standard administrators. Effected functions are:

  • Admin Roles - Create/Delete
  • Membership
  • Group Access
  • Function Access
  • Login Hours
  • Admin Accounts - Create/Delete
  • Enable/Disable
  • Set Password
  • Admin History

Function Access

A new Enable All/Disable All button gives you a quick way to turn access on or off for all functions for an admin role. Click Disable All when configuring an admin role that does not have access to many functions.

Function Access -

Summary Page

Access to the tabs on the Machine Summary page can now be granted or blocked on a per admin role basis using Function Access.

Function Access -

Lock Settings to Match

Function Access settings for an admin role may now be locked to some other admin role. Any changes to the Function Access list for one admin role are automatically applied to all roles locked to it. If you create unique admin roles in order to isolate access to machine group, but want to give each role the same list of functions, then you can use this new feature to manage all function access from a single role.

License Manager

License limits now flow down to subgroups. Subgroups now inherit the license limit applied to their parent groups if the subgroup does not have a limit specifically applied.

Login Policy

The login policy is now enforced for both user and administrator logins. Prior releases only applied login policy to administrator accounts.


The customize function now lets you further customize the logon screen. You can add additional links on the left edge of the screen. This may be a useful spot to place a link to the Video Streaming page (/getHelp.asp) for example.

Database Views -

vBackupLog view

Added a new column to the vBackupLog database view. imageSize shows the size in bytes of the backup file. If the log entry does not relate to a backup then this column returns a zero.

API Web Service

Added a web service that provides an API (application programming interface) to the VSA. Enable the web service using the System > Configure function. Once enabled, the web service may be queried from the URL http://<your-vsa-server>/vsaWs/KaseyaWS.asmx using a valid administrator credential. A test client example, access control rules, and further details may be found in the directory <kaseya-install-dir>\vsaWs.

Kaseya Endpoint Security v1.2 (v1.2.0.0) - 10 March 2008

View Status

The current available version is directly off the Grisoft RSS feed and will be updated within 15 minutes of Grisoft posting an updated

View Status

The "Threats" column nows present a link to the manage threats page filtered on that individual machine. The top machine filter is not affected.


Individual agents no longer have update schedules. The KServer now tracks updates and schedules update scripts on individual agents only as needed. This results in timelier updates with less overall activity.


Because of the new automatic update script assignment, periodic (recurring) updates are no longer allowed. This page is for "manual push" only.


KES updates now honor the "File Source" settings under Patch. So KES can now deploy updates to agents that are not internet-connected (as long as they can reach the file share and the file share can reach the Internet).


The KES Agent now goes to the VSA server for updates when the File Source is KServer or Internet

View Threats

Select All has new behavior. Now it selects all of the threats in the current filter instead of just the current page.

View Threats

Now has a "Purge" button in the action bar for "clean up". This will remove the threat from the active threat list (and put it in the history list) without triggering any script on the agent.

View Threats

There are now two tabs. The "Current Threats" tab is conceptually identical to the old page, showing threats that are current or in process of being taken care of. "Historical Threats" are threats that have been taken care of either through a clean, delete, restore, or purge.

View Threats

Additional filters: "machine", which allows narrowing by machine without affecting the top-level filter (useful for stepping back and forth from the status page). "Time" filters on the discovery date by min/max/in between. "Categories" filters on the threat type"”whether antivirus or antispy. "Action" and "Status" filters by what action (if any) has been taken and what the progress of that action is (pending/failed).

View Logs

Filters added to make log more useful. "Time" filters by when the event occurred (you have a lower and an upper date, and if either is empty that end is "open", so both empty means "all"). "Categories" lets you pick events to view by category. "Message" lets you text search the message for some particular string.


KES Alarms are now assigned via sets. These sets are created on the new "˜Define Alarm Sets' page, and assigned on the "˜Apply Alarm Sets' page.


There are new KES alarms.

Define Profile

The profile UI has been updated to more closely reflect AVG. A few new options have been added as well.

  • Certification text for incoming and outgoing mail.
  • Ability to add prefix text to the subject of a message that contained a virus.

Define Profile

A new tab called "Exchange" allows for configuration of the new real-time monitor for Exchange (see MS Exchange Install/Remove below)


There is a new button on the view threats page "˜Add to PUP Exclusion List'. Any threats selected when this is pressed will be added to an exclusion list for the profile assigned to the machine they were found on. If AVG decides a file by this name is a PUP on any machine with this profile, this file will be ignored (excluded).


There is now an option to choose which profile to assign to a machine at install time.

MS Exchange Install/Remove

Added support for real-time monitoring of Exchange Servers. This page allows you to install Exchange Server support on any KES endpoint that is also an Exchange Server. Different licensing applies.

New features in v4.8.0.0 - June 5th, 2007

Exec Sum Report

The OS score weighting can now be customized. You can individually weight the OS score given to Vista, 2003, XP and 2000. Enter the % weights (0 to 100) in the four columns normally used for %score. Place Vista in the 100% column, 2003 in the 75% column, and so on. All legacy OSs are given a zero. If you have a large number of legacy OSs deployed, considered turning off the OS score.

Changed the default System Activity search filter data to only count for Latest Audit and Patch Scan. Prior to this release, the default values counted any appearance of Latest Audit and Patch Scan, including reschedule events. Note: You must edit any saved Exec Sum Reports yourself to add these new filters in by clicking the Change Rows button.

Patch Mgmt

Added WARNINGS and/or NOTES to screens affected by Initial Update to better inform users of its impact on patch management functions.

Patch Mgmt - Patch Status

Enhanced the Patch Status page with the following:

  • Added a new column, "Missing Manual", to provide a count of those patches that require a manual effort to apply. These patches cannot be processed by Automatic Update or Initial Update.
  • Added the ability to display the status of Initial Update while it is being processed. The Initial Update status message and date/time is displayed instead of the column totals when ever Initial Update is being processed.
  • Patch Test will not be performed on machines that have Initial Update being processed. Added NOTE on screen to that effect.
  • Added the ability to display the name of machine's operating system if the OS is not supported for patching.

Patch Mgmt - Rollback

Added the date, if available, that the patch was installed to the screen similar to the Patch History screen.

Patch Mgmt - Cancel Updates

Add a notation to the "Pending Update Install Status" column to indicate that the patches currently pending installation are being processed by Initial Update. Canceling pending updates will now also cancel Initial Update.

Patch Mgmt - File Source

Enhanced the File Source page with the following:

  • Modified the "Pulled from file server using UNC path" option by adding a Machine Group Filter dropdown list to filter the list of machines on which the file share is located. Previously, the Select Machine Group that filters the list of machines displayed on the page was used. This prevented users from selecting a machine in another group as the file share unless they selected all machine groups for the page.
  • Added a sub-option under the "Pulled from file server using UNC path" option. This new sub-option permits the administrator to configure a machine to obtain patches from the file server when the machine is connected to the LAN, but fallback to download the patches from the Internet if the file server is not available for any reason (cannot connect to file server or bad network credential).

Patch Mgmt - Windows Automatic Update

Added checkbox to "Force auto-reboot if user is logged on" to the "Configure - Force Windows Automatic Update configuration to the following settings" setting. We also changed the underlying default to NOT force the reboot. This is a Windows Update registry setting that only affects Windows Automatic Update. Windows Automatic Update cannot use Kaseya's Reboot Action settings.

Patch Mgmt - Office Source

Added the ability to filter by Office products/product codes to make it easier to set multiple machines to a common Office source share. Since the same Office product can have one of several product codes, the filter ensures that only products with the same product code are selected together.

Status Monitor

The status monitor pop up window no longer counts or displays template accounts (agents that have never checked in).

Script Editor

Fixed problem with file list that would not list shared files unless that admin also had rights to upload and delete shared files. All admins may see shared files.

Disk Info List

Show used space in addition to free and total space for all disk drive space tables and reports.

Application Changes Alert

You can now add exclude directories to the Application Changes alert. Any application added or removed to these directories will not generate an alarm. The exclude path may contain wildcards.


KServer modifications include the following:

  • Log a script execution error when processing a Set Credential script command that has an empty username.
  • Escape the ampersand character in the Send Message script command so that the character appears correctly in the dialog box shown on the Agent.
  • Escape the ampersand character in the Execute Shell Command so that the character is correctly recognized when it is part of the directory path.
  • Corrected processing of script IF command "IF user response is Yes" when no user was logged in so that it takes the ELSE path.

Agent - Pause Command Processing

The processing of the Pause Script command has been shifted from the KServer to the Agent to avoid the possibility of putting all process threads to sleep in the server for a prolonged period which would result in Agents going offline.

You must update your Agent to the current version in order to process any script with the Pause Script command. The KServer will now fail at the Pause Script command when a script is run on an AgentMon.exe prior to v4.7.0.4.

Agent - Workgroup/Domain name

The Agent now reports whether the computer is joined to a workgroup or domain and the corresponding name. This information can be used in creating a view as well as shown on the Agent status page and reports.

Agent - Response Issue

The Agent detects a connection corruption caused by security software that blocks KServer messages requesting an immediate checkin. The corrupted connection was causing a 3 minute timeout before establishing a new connection to run the pending tasks. When the Agent detects the symptoms of this condition, it removes the timeout so that the tasks can run at the specified checkin period.

Agent - Event log description

Resolved an issue so that the event log description is properly retrieved when the vendor provides multiple event log message DLLs. Also fixed an issue with retrieving the description when the vendor provides only a 64-bit event log message DLL.

Agent - Event log collection

Resolved an issue with retrieving event log information on Vista when the application provides access only through the newer event log interface and omits backward compatibility through the legacy interface.

Agent Contact Administrator Menu Item

Resolved an issue that opened the Administrator login page instead of the User login page when selecting the "šContact Administrator agent menu item.

Log display

You can now sort the Event Logs and Script Log by column in the Agent Logs function under either the Agent Tab or the single machine interface.

Edit Profile

Added a checkbox to the Edit Profile function called Show notes as tooltip. Checking this for any machine ID will display the notes field for that machine to display on the tooltip for the agent's status icon. Use this feature to quickly access notes for any particular machines.

Exec Summary Report

The OS score weighting has been changed to (Vista-2003:100%, XP:75%, 2000:50%, NT4:25%)


Administrators can not remove their names from the list of available administrators to chat with. The list seen by administrators (in the Chat function under the Remote Cntl tab) and the list seen by users in the user login are controlled separately.

Set Credentials

Added a test function to verify the credentials work

System Info

System information now inserts a link to the PC manufacturer's support site when a field in the System Information table may be used to access this data. Currently supported manufacturers are:

  • Dell
  • IBM
  • Lenovo
  • HP
  • Compaq
  • Gateway
  • Sony


Added option to list machines that have never checked in. Use this filter to list template accounts.

Monitor - System Check

Enhanced the capabilities of Custom command within the System Check function. Custom commands will now require an output file assigned by the administrator. Alarms will be created by searching the output file for a specific value(s) by using the operator contains or does not contain.

Added alarm Re-Arm time, to allow all system checks to ignore addition alarms for the specified duration.

Remote Control - K-VNC

Added support for K-VNC to provide remote control on Vista.

Remote Control - RAdmin

Added support for RAdmin 3.0. RAdmin 3.0 includes full support to remote control Vista.

Remote Control RDP

Support remote control of a terminal server running on a port other than the default port 3389.

Remote Control Policy

Machine Policy now support a fourth policy type. Require permission will not allow remote control unless a user gives permission. If no one is currently logged in, then permission is denied.

Automatic SQL Script Variables

SQL view parameters are now available as automatically declared script variables. Use the format #SqlViewName.ColumnName# in a script variable to access the dbo.SqlView.Column for the machine ID executing the script. These automatic variables allows you to skip the call to GetVariable with the option SQL View Data with the format of SqlViewName/ColumnName. See the context sensitive help for the System tab. Database Views function for a list of the SQL views and columns that are available.

GetVariable Script Command

Added a new option"š SQL View Data"š that will place the result of a database query to retrieve data from an SQL view for a specific machine ID or for the machine ID executing the script. The format of the parameter for this option is SqlViewName/ColumnName/mach.groupID or SqlViewName/ColumnName. The latter format is an explicit form of the automatic SQL script variable. See the context sensitive help for the System tab; Database Views function for a list of the SQL views and columns that are available.

Audit - Documents

There is a new function under the Audit tab named Documents. Use the Documents function to store files associated with a machine ID. Typically, people store things like scanned copies of purchase receipts, contract information, and configuration notes here.

Agent on Vista x64

The Agent now runs on Vista x64. Drivers provided with the Agent are signed. The only known restrictions are:

  • Terminal services (RDP) is the only remote control option.
  • Network access can be granted/denied and network statistics can be gathered only for 32-bit applications.

Reset Password

The password is now set to never to expire when it is set using the Reset Password function under the Remote Cntl tab. This feature requires a new Agent, version or above.

New features in v4.7.0.0 - January 29th, 2007

Vista Support, Improved Monitoring

Patch Management, Expanded SupportAdded full patch support for Microsoft Exchange, SharePoint, Vista, and Office 2007
Patch Management"š File SourceAdded validation code to alert the administrator when a LAN file source Machine ID no longer exists or if any of the required data is missing.
Patch Management"š Initial UpdateAdded support for the execution of a script before Initial Update and/or after Initial Update. These scripts are configured on a per machine basis in the new Patch Mgmt"š Pre/Post Script function.
Patch Management"š AlertAdded two new patch alerts:
  • Invalid Agent credentials
Patch ManagementIn an attempt to minimize the need for installation media when patching Office 2003, the new command line switch, /MSOCACHE"š has been added. The " /MSOCACHE" switch only applies to Office 2003. When the patch database is updated, this switch is automatically added to all Office 2003 patches. It is not automatically added to Office 2003 service packs. When this switch is used, the system determines if the MSOCache exists on the target machine. If the MSOCache does exist and this switch is used, the system will automatically use the run silently switch ("/Q") thereby relying on the MSOCache rather than requiring the actual installation media. If the MSOCache does not exist on the target machine, the existing switch will be used. If a patch installation fails that uses the "/MSOCACHE" switch, it typically means that the MSOCache could not be used by the patch.
Patch Management"š Office SourceAdded support for configuring a machine with Office installed to use a network share or a directory on the local hard drive as the Office installation source rather than the default CD-ROM. This feature modifies the machine's registry so Office will look to the alternate location for the Office installation source. The provided source is validated to be sure that the source is compatible with the installed edition/version of Office.
Copy SettingsIf the source machine (the machine you are copying from) does not have a credential, then the credential is not changed on the target machines. Use this to create template accounts that do not effect the credential of target machines.
ScriptsAll Kaseya Scripts run after a machine reboots were named REBOOT-xxxx. We received several support requests asking why Kaseya reboot their server when in fact the script was run as a result of a reboot and did not cause the reboot. To end this misconception, we have changed this naming convention to START-xxxx
Audit - Software LicenseThe product installation key (CD key) is recovered during audit when it is available.
Audit "šÃ„ì Add/Remove ProgramsAudit now returns the add/remove program list.
Remote Control StatusCurrently logged in user for each machine ID, if any, is displayed on the Control Machine function.

If any admin is currently remote controlling a box, the admin name is also listed.
Remote Control Notification Policy Allow policy to be defined on a per machine basis.
  • Silent
  • Notify if logged in (now with customizable message)
  • Ask if logged in (else deny) (now with customizable message)
Added option to pop up alert when remote session completes (with customizable message). Option to (or required if policy set) add a note to the admin notes log prior to allowing remote control session to start.
Remote Control LogYou can now report on remote control activity. The system now maintains a separate remote control log for each machine ID. You can view (Agent Tab - Agent Logs) or report (Reports Tab - Logs) on the Remote Control Log just like any other log.
Disable Remote Control on InstallAdding the /x option to the agent install package (Agent Tab - Deploy Agents) automatically disables remote control from the client side after a successful agent installation.
Remote Control Verbose ModeThe Enable verbose relay flag is now remembered on a per admin basis. If you enable the verbose relay in a remote control of FTP session, that flag is automatically set the next time you remote control of FTP. The verbose relay flag is typically left off and is not needed for normal operation.
System CheckSystem Check verifies a remote machine, such as a web server, is functioning by connecting to it on a recurring basis. You can prevent temporary outages from sending alarms by specifying the length of time a check must fail before issuing an alarm.
Agent StatusTime Zone is now available for display in the Agent Status table.
Monitor - Agent Status AlertThe system now detects when a batch of agents go offline at the same time (usually resulting from an internet outage). The system will now send only a single email listing all machines that went offline at the same time. Prior to this release, an email was sent for each machine ID.
Monitor - SNMPTime between SNMP monitor requests has been reduced. In older versions, the interval between SNMP monitor request could have become prohibitively long if the SNMP Probe (Agent) was monitoring hundreds of SNMP Devices. The polling and connections are now multithreaded; creating narrow data sample intervals.
Monitor - SNMPWhen Kaseya first discovers an SNMP device, a deeper initial request of SNMP data is now being performed. The initial SNMP Discovery will now include a 'deep dive' return of SNMP data. The SNMP branches currently being queried are: iso.org.dod.internet.mgmt.mib-2.interfaces and .iso.org.dod.internet.private.
Monitor - SNMPAdded link to Assign SNMP Monitor page to view list of auto discovered SNMP data.
Monitor - SNMPAdded new function allowing the user to customize SNMP Device names and Types.
Monitor - SNMPAdded filters to the SNMP Log function to allow the user to filter log entries that contain certain text or values.
Monitor - SNMPIf the user removes the SNMP Community name, all associated SNMP Devices will be removed and logs cleared.
Monitor - SNMPThe SNMP Probe will attempt to find SNMP Table descriptions where possible and automatically insert the results into the monitor item description. (Example: If asking for the ifEntry.ifInOctets for interface #2, Kaseya will identify, if available, that interface #2 is the external firewall connection and add it to the description)
Monitor - GeneralPop-up warning on log-in will inform the user that Alarms are currently disabled.
Monitor - GeneralIf the update of a monitor set is not contextual (does not significantly change the monitor item), the logs will not be cleared.
Monitor - GeneralAll monitor sets will continue collecting data even if the administrator changes the Kaseya temp directory.
Monitor - GeneralWhen a SNMP Community Name reference is removed, all related SNMP Agents will be removed also.
Monitor - GeneralAdded more descriptive information within monitor set expanded information to the following web pages; Log Summary, Alarm Summary, Alarm Status, Monitor Set Status, Monitor Summary, Live Connect.
Monitor "šÃ„ì System CheckAdded Duration to all system checks for alarms.
Monitor - AlarmsHistory of note entries can now be kept on all Alarms.
Monitor - AlarmsIf a monitor set generates an alarm email, an additional email notification can be sent if the Alarm value transitions back 'out of' its alarm state.
Monitor - ReportsAllows the user the ability to select a monitor counter and calculate the 95th percentile (or 5th) for each counter. Also added was a comparison feature; allowing two machines to be reported (trended) upon side-by-side.
Monitor - ReportsAdded trending reports with 'number of days' filter and comparison features.
Monitor - ReportsAdded trending reports for all SNMP Objects (again with comparison feature).
Monitor - ReportsAdded Monitor Configuration Report listing the monitor set configuration for the machines selected.
Monitor - Copy Settings'Copy Settings' will now include all monitor sets information when copying machines with the same operating system. Monitor sets will not be copied if the operating systems is not supported by monitoring and/or copying from Windows 2000 to Windows XP/2003.
Monitor - Assign Monitor/SNMP SetsNew edit icon, when clicked will allow the editing of existing monitor set deployment parameters on the specific machine/device.
Monitor Sets and LogsAll monitor sets will stay collecting data even if the administrator moves or renames the Kaseya temp directory.
Monitor - Log SummaryAdded icon indicator and action to refresh specific monitor object on the machine or device.
Monitor - Log SummaryAdded Filters to log and chart data.
Monitor - Log ChartsAdded more description info and X/Y titles to charts.
Monitor Console - Machines OnlineAdded Customized zones Red/Yellow/Green
Monitor Console - Popup WindowsFixed positioning of console windows alignment.
Monitor Console - Group AlarmRemoved View drop down list. Group alarm status page will now use the main view filter.
Agent Changes
  • Now supports Windows Vista on i386
  • Now supports Windows XP on x64
  • Now supports Windows 2003 on x64
  • Enhanced processing for various system monitoring changes
    • Processing a duration prior to reporting an alarm for the System Check
    • Supports foreign language notation in performance counter data that utilizes commas instead of decimal points
    • Fixed access rights required to query the status of some services that grant only read-only privileges
  • Agent now detects hibernate & suspend. Upon a resume event, the Agent generates entries into the agent log file so that the uptime history report will show the Agent as being powered down over the period. Prior to this, the uptime history report showed the Agent as being continuously online.

Known Issues

Deploy AgentsAgents can not be deployed over the network (using Install Agents function) to Vista machines unless UAC is disabled.
Agent InstallerThe agent is not compatible with Vista-64

Kaseya Managed Service Provider Software v4.7 - January 2007

Pre-Release Announcement

Platform SupportKaseya is ready for Windows Vista. Version 4.7 allows administrators to extend the power of automated IT services to workstations and servers running Windows Vista. In addition, Kaseya 4.7 now includes a Vista Readiness report that will identify which machines are ready for upgrade and which are not ready and why.

In addition, support for the Kaseya agent has been extended to systems running the Windows XP and 2003 64 bit operating systems.
AuditTo provide more detail to the information collected from machines during the audit process, the audit will now collect the Add/Remove Programs listing from managed machines.
Audit - Add/Remove Program ListingA new menu option has been added to view the Add/Remove Programs information. The Machine Summary and Software reports have been enhanced to support the reporting of the Add/Remove Program information.
Audit - Software LicensesIn version 4.7, the Software License audit will collect, display and report the corresponding product keys.
Patch ManagementThe enhancement and expansion of Patch Management is a continuous process. With version 4.7, the scope of platforms supported has been expanded. Support for Microsoft Office 2007 has been added along with various usability enhancements.
Patch Management - Supported PlatformsFull patch scan and patching functionality has been added for the following servers:
  • Exchange 2003 Server
  • Sharepoint Services 2.0 and 3.0
Patch Management - Microsoft Office Media LocationTo ease the process of patching machines with Microsoft Office, a function to specify the location of the Office media has been added. This function will allow the administrator to use a network share or a directory on the local hard drive as the Office installation source rather than the default CD-ROM.

This feature modifies the machine"šÃ„ôs registry so Office will look to the alternate location for the Office installation source. The source is validated to ensure that it is compatible with the installed edition/version of Office.
Patch Management - File SourceTo help ensure the reliable delivery of patches to a machine, the system will now alert the administrator when a LAN file source Machine ID no longer exists or if any of the required data is missing.
Patch ManagementTo further minimize the need for installation media when patching Office 2003, a new command line switch /MSOCACHE has been added.

The switch only applies to Office 2003. When the patch database is updated, this switch is automatically added to all Office 2003 patches. It is not automatically added to Office 2003 service packs.
Patch Management - Patch Database DistributionTo conserve bandwidth in an environment, the system allows for the designation of a local file share as the patch file source. To extend the conservation of bandwidth, the patch database, mssecure.xml, will also be distributed from the local file share if it is specified as the patch file location.
Remote ControlTo increase security, privacy and accountability, new features have been added to the Remote Control function. The administrator can now create access notification polices by machine. In addition, there is a new log to track the remote access.
Remote Control - Access Notification PolicyRemote control access notification policies can be created by machine. The access notification policy can be set for the following:
  • Silently Take Control
  • Display Alert if User Logged In
  • Ask Permission if User Logged In
The policy can be set to require the administrator to enter a note or reason for remote access as well as display a customizable message to the user informing them that the remote control session has ended.
Remote Control - LogsA new log has been added to the system to track the start and end of a remote control session along with administrator notes if required.

The Remote Control Log can be viewed and reported upon in the same manner as other logs within the system.
Kaseya AgentThe Kaseya agent is one of the key components of the system. The agent is responsible for the service delivery, data collection and overall management of the servers and workstations where it is installed. With each new version of Kaseya, the capabilities of the agent are refined and expanded. In version 4.7, the agent will now utilize a persistent connection with the Kaseya server. This enhancement provides huge benefits not only in version 4.7 but in the future releases of the Kaseya framework.
Kaseya Agent - ConnectionCurrently the agent uses a polling frequency to perform a quick check-in with the Kaseya server. With version 4.7, the agent will utilize a persistent connection with the Kaseya server. This persistent connection creates a series of benefits.
  • Reduced traffic
  • Scalability
  • Reliability
  • Performance
Once the agent establishes a connection with the Kaseya server, the connection stays open and the agent sends a very small communication packet to the server to tell it that it is still alive and keep the connection open. This greatly reduces the amount of traffic flowing between the agent and server and reduces the resources used by the server for communication.

The reduction in the amount of data flowing as well as the reduced resource usage on the server increases the scalability and performance of the system.

A persistent connection between the agent and server also increases the performance of the system. For example, a request to remote control a machine can now be carried out almost immediately.
Kaseya Agent - LAN WatchMore flexibility in defining the new device alert has been added in version 4.7. In previous versions, LAN Watch generated an alert when a new device was found on the LAN that had not previously been on the LAN for the last 7 days. This time period is now selectable.
ReportsNew reports are being added along with updates to existing reports. The details will be identified in the Release Announcement.
Real Time MonitoringTo increase performance, ease of use and the overall functionally of Real Time Monitoring, version 4.7 adds new features and enhancements in the following areas:
  • Console
  • Alarms
  • System Check
  • SNMP Monitoring
  • Logs
  • Reports
Real Time Monitoring - ConsoleSeveral enhancements have been added to the Console for increased performance and better visibility. These include:
  • The Group Alarm Status has been enhanced to provide the following:
    • User defined order for the Monitor Collections within the Group Alarm Status
    • Standard filtering of machines and views for the Group Alarm Status
    • Ability to display only alarmed machines in the Group Alarm Status
  • The Machine Online dials now have customizable zones to identify percentage displayed as red, green or yellow.
  • To provide better visibility and management of information, the charts and graphs within the console have been updated to provide more descriptive information.
Real Time Monitoring - AlarmsTo provide better tracking and analysis of Alarm information, a history of the note entries can now be kept on all Alarms.

To provide better visibility and management of the agent and SNMP monitoring, the system can now send an email notification when the alarm value transitions out of' its alarm state.
Real Time Monitoring - System CheckSystem Check verifies if a remote machine, such as a web server, is functioning by connecting to it on a recurring basis. To prevent temporary outages from sending alarms, the length of time a check must fail before issuing an alarm can be specified.
Real Time Monitoring - SNMP MonitoringThe SNMP monitoring in version 4.7 has been significantly enhanced. The enhancements provide increased performance and capacity, more depth in the information collected from devices and better presentation of the information collected. The following items have been enhanced:
  • Discovery
  • Device Information
  • Monitor Requests Processing
SNMP devices are discovered using one Kaseya agent per network. The agent will scan for SNMP devices and upon discovery, query the device. Based on the information returned, SNMP Sets to monitor certain object can be automatically assigned. This automates the setup process and allows for instant monitoring of the device.

In version 4.7, when an SNMP device is first discovered, a deeper initial request for SNMP information is being performed. This deeper request will automatically discover objects within the device that can be monitored. This will help ease the process of setting up the SNMP monitoring for a particular device. This information can be viewed from a new link that has been added on the Assign SNMP Monitor page.

To further aide the identification of devices, a new function has been added to allow for the entry of a user defined Device Name and Type. By increasing the information collected, displayed and defined for a particular device, the creation of monitor sets becomes easier and, the monitoring is more accurate which creates a more productive environment for the management of the machines and devices.
Real Time Monitoring - LogsData collected as a result of the Monitor and SNMP Sets is stored in the monitor log for query and reporting. In version 4.7, the monitor logs can be filtered to view entries that contain certain text or values.
Real Time Monitoring - ReportsThe following reports have been added:
  • 95th percentile (or 5th) for each counter with a comparison feature that allows two machines to be reported (trended) side-by-side
  • Trending reports with 'number of days' filter and comparison features
  • Trending reports for all SNMP Objects with comparison feature that allows two machines to be reported (trended) side-by-side
  • Monitor Configuration Report listing the monitor set configuration for the machines selected

New features in v4.6.3.0 - 21 August 2006

Minor Maintenance Release

MaintenanceFixed minor display related problems
Monitor - EditChanged 'alarm duration' logic. The system will now look back in the log table to see if there any records that were under the alarm threshold. If there are none, instead of going into 'alarm' (old behavior), it will continue to look to the next oldest log value. If that value is over the alarm threshold, the system will only then go into 'alarm'.
Monitor - ReportsAdded trending reports with 'number of days' filter and comparison features.
Monitor - Copy Settings'Copy Settings' will now include monitor sets.
Monitor - GeneralWhen a SNMP Community reference is removed, all related SNMP Agents will be removed also.
Monitor - EditWhen a monitor set is edited, the logs will not be reset unless the counter, service or process specific information is changed.
Monitor - LogsLogs now have icons that indicate that there are log entries for the corresponding monitor item.
Monitor - LogsAdded 'character match' filters to log tables. Allowing for searches of the log table entries (i.e. " ... show all service log entries like 'stop'")
Monitor - LogsAdded 'day range' filter to counter graphs (similar to SNMP logs).

New features in v4.6.2.0 - 19 July 2006

Minor Maintenance Release

MaintenanceFixed minor display related problems
Remote ControlAdded ability to independently set the screen width and height in terminal server sessions. See the Set Parameters function
LAN WatchIP scanning range is now restricted to 11 bits (2048 addresses)
Patch Mgmt - Initial UpdateModified the Initial Update screen to include update status from "scheduled" through the various "processing steps" to "completion".
Patch Mgmt - File SourceModified the File Source screen to improve the clarity of the source for the patch files and the patch file's destination on the target machine.
Monitor - EditAdded 'Group Alarm Column' selection as a step in the Add function for Monitor Sets and SNMP Sets.
Monitor - Assign MonitoringModified PerfMon commands to start counters after an agent machine has been re-booted.
Scripts (support of Monitor)A script named ExecuteSNMPWalk.has been included in the Sample Scripts/Config Changes area. This script is very valuable if the user is new to the SNMP device.
Reports - Patch ManagementThe Patch Status section of the Patch Management Report has been modified to display the same patch status as displayed on the Patch Mgmt - Machine Update page. Previously, the only statuses presented were "installed" or "missing". Now, more detailed status information is displayed when applicable.

New features in v4.6.1.0 - 30 May 2006

Advanced Monitoring, Backup, Ticketing, and more...

User Remote Control OptionsUsers logging in to remote control their machine are now presented with the standard remote control options prior to starting remote control.
Event Set alertsYou can now set independent email addresses for different event sets on the same machine ID. This lets you send alerts generated by different application events to different administrators.
Event SetsAdded the ability to import and export event sets.
Agent MenuDue to popular demand, we have returned to calling the agent the 'Agent'. All references to Client have been changed back to Agent.
Script DirectoryAdded ability to import and export entire script directories (all scripts and sub-directories in any script directory).
Script Commands
  • Added ability to temporarily disable a script step. Select Disable Step from the drop down control used to only run a script step for a particular operating system.
  • Managed Files directories now support sub directories.
  • Write Directory - Script command writes an entire directory structure to the remote machine
  • Get URL - Copy a URL from an FTP or Web site to the remote machine
  • Schedule Script - Allows a script to trigger scheduling of a script on another machine ID
  • IF check to determine if Service is Running
  • IF check to determine if Application is Running
  • IF Test File support Contains and Not Contains
Agent StatusAdded a Reset Filter button to quickly remove any advanced filter settings on the Agent Status function. The advanced filter may reduce the number of machine IDs displayed. Click Reset Filter to quickly display all machine IDs.
ViewsYou can now share views with other administrators or administrator roles. Click the Share button on the edit views page to set up share permissions. This release also adds significant filtering capability to views. You can now:
  • Show machines that have or have not been rebooted in the last N days/Hrs/Mins
  • Show machine that either contain a particular application or are missing a particular application. You can further refine this filter based on the application's version number. For instance, you can display only machine containing acrobat.exe v6.0.0.0 and up.
  • Advanced agent Data filter lets you display machines with parameters collected via audit. You can also apply Boolean logic to the filter using the same advanced filter capability found in the Agent Status function and the Aggregate Table report.
Run Audit schedules System InfoYou can now schedule System Info data collection in conjunction with Run Audit (under the Audit tab). System Info may cause high CPU utilization on the client and normally runs once after the first audit. Use the new checkbox option to schedule System Info collection to run again or run recurring for any checked machine. The System Info scheduler has been removed from the System Info data display.
Reset PasswordAdded a new option allowing you to specify whether to create a new account in the administrators group or not.
LAN Watch AlertIn previous versions, LAN Watch generated an alert when a new device was found on the LAN that had not previously been on the LAN for the last 7 days. That time period is now fully programmable. If you have a network where devices may be turned off for extended periods, increasing this value beyond the longest time a device remains off prevents that device from generating an alert when it turns back on.
Agent StatusAdded clickable column headers so you can sort this table by any column displayed. Clicking a header the second time sorts in reverse alphabetical order.
Status MonitorAdded a paging control to the status monitor. Previously you were limited to at most 100 machines. Now you can monitor all machines using the standard paging control.
AlertsWith the introduction of advanced monitoring, Alert functionality takes advantage of advanced monitoring by incorporating options beyond just simple email alerts. Alerts now support: alarms, email, script execution. The alert summary list on the Home page has been replaced with the alert status list on the monitoring console. Here you can Open/Close alerts.
Patch Installation IssueAn issue that prevented patches from being scheduled for installation by either Machine Update or by Automatic Update when the number of uninstalled patches for the specific machine was large (about 70) has been resolved.
Patch Mgmt - Windows Automatic Update ConfigurationA new Patch Mgmt function, Windows Auto Update, has been added under the Configure section. This function will report the machine's current Windows Auto Update settings for Windows 2000 (SP3 & SP4), Windows XP and Windows Server 2003. Additionally, an administrator may override the user's setting, including disabling it, and prevent the user from making changes.
Patch Mgmt - Initial UpdateA new Patch Mgmt function, Initial Update, has been added under the Setup section. This function allows an administrator to schedule a machine to be fully updated with all approved service packs and patches. This function is typically used after a new machine is initially scanned for missing service packs and patches and basically performs a 'patch-until-done' process.
Patch Mgmt - Exclude MachinesThis function has been removed. Use the manual scheduling (Machine Update and Patch Update) to control what machines get which patches.
Patch Mgmt - Patch UpdateThe capability to ignore a machine for a particular patch has been removed. Use manual scheduling (Machine Update and Patch Update) to control what machines get which patches.
Patch Mgmt - File SourceAdded option to copy the downloaded patch files to the temp directory on local drive having the most free space (default), or to copy them to the temp directory on the same drive where the Agent is installed.

New features in v4.5.0.1 - 18 October 2005
Updater change.

Updater change

Corrected a problem that failed to update correctly in rare situations. This data dependent problem only occurs in certain combinations of Microsoft SQL 2000 and IIS. This release handles any configuration and will safely update to v4.5.0.1

New features in v4.5.0.0 - 17 October 2005
Backup and Disaster Recovery, Enhanced Patch Management, and more....

Backup and Disaster Recovery

New optional add-on module providing complete volume and folder backup facilities. Scheduled offsite replication transfers all image backups to a remote FTP site at scheduled times.

Office Patch Installation

The Patch Mgmt system now supports Microsoft Office updates for Office 2000, Office XP, and Office 2003 on the Windows 2000, Windows XP, or Wondows 2003 operating systems.

Because virtually all Office 2000 service packs and patches require the user to provide the Office installation CD(s), the user must be logged in and must respond affirmatively to a dialog in order for the Office 2000 patches to be installed. If the user responds negatively or does not respond within five minutes or is not logged in, the patches will not be installed. On the Machine Update and Patch Update screens, those patches will display the following status: User not ready to install. Because of the requirement for the installation CD(s), these patches are excluded from installation when the machine is configured for Automatic Update under the Patch Mgmt tab.

All service packs and a few patches for Office XP and Office 2003 require the user to provide the Office installation CD(s). In these cases, the command line switch has been set to /INSTALL-AS-USER /DELAY-AFTER=60. This enforces the requirement that the user must be logged in and must respond affirmatively to a dialog in order for the Office service packs or patches to be installed. If the user responds negatively or does not respond within five minutes or is not logged in, the patches will not be installed. On the Machine Update andPatch Update screens, those patches will display the following status: User not ready to install. Because of the requirement for the installation CD(s), these patches are excluded from installation when the machine is configured for Automatic Update under the Patch Mgmt tab.

Those patches that do not require the Office installation CD(s) will be processed as any other patch, and will be installed when the machine is configured for Automatic Update under the Patch Mgmt tab.

Windows Messenger and MSN Messenger Patch Installation

The Patch Mgmt system now supports Windows Messenger (versions 4.7 and 5.x) and MSN Messenger (versions 6.x and 7.x) patch detection and where available patch installation. In some cases, actual patches are not provided by Microsoft because the fix has been provided in the latest version. On the Machine Update and Patch Update screens, those patches will display the following status: Product upgrade only. When this is shown, the user must go to the appropriate Microsoft web site and download/install the current version.

Patch Policy

Patch policy logic has been changed. From this release forward, if a patch is denied for a collection, then that patch will be denied for any machine belonging to that collection, even if that machine belongs to another collection that approves the same patch. This logic is the reverse of previous releases. The unassigned policy has been eliminated since it is no longer necessary with this type of logic. The system now approves all patches for deployment to any machine that belongs to no collections.

Windows Installer Patch Behavior

Patches for the Windows Installer are now automatically installed any time any other patch is installed. This was done to be consistent with Microsoft's Windows Update processing and because of patch dependencies on the current version of Windows Installer. Since the Windows Installer patches are automatically applied, they are no longer available under the Patch Approval function under the Patch Mgmt tab.

Patch Status

A new Patch Status function, under the Patch Mgmt tab, provides a quick summary of which machines are missing patches, have failed installations attempts, or have installations pending. There is also a new Test function on this page. Test will validate that the entire patch distribution and installation system functions properly with the selected machine's current settings. Use Test to verify a machine's setup if patch installs fail.

Patch File Source

Two new buttons, "Reload System Server" and "Reload File Server", have been added to the File Source function under the Patch Mgmt tab. The "Reload System Server" button will delete all exisitng patches on the KServer so that they will automatically get refreshed. The "Reload File Server" button does the same for the file server that is setup to be a source of patches.

Patch Report

  • Modified to pull patch history from both the script log and the patch status tables to form the patches installed last N days
  • Added a report category to show missing patches by machine
  • Added flag to exclude machines without data from any tabular sections of the report.

Exec Summary Report

Added extensive customization to this report . You can now add additional fields and completely control the network health score calculation.

Terminology Changes

A few minor terminology changes appear in this release to clarify system components better.

  • The Agent has been renamed the Client
  • The server component is now universally referred to as the KServer.
  • Administrator Roles - Changed administrator groups to be administrator roles

Time zone detection

Time zone detectionThe system now automatically detects the time zone of your browser and converts all displayed times from server time to your local timeTime zone detection. Furthermore, the time zone of each client is reported up. You can view the current time at a client by hovering the mouse over the status icon and viewing the tool tip (client update required). You can also view the local time at the client on the Single Machine Interface, under the Machine Info tab, by clicking the client status icon.

Delete Accounts

Deleting an account only removes the machine ID from the system. The all data associated with that account will not be removed until off hours. A new button has been added to the Delete function under that Client table to remove all data from the database not associated with a machine ID immediately.

Force Admin Password Change

You can now force any administrator to change their password at the next login. Both the Set Password and Create/Delete functions in the Admin Accounts section of the System tab support this. On the Set Password function just check the box in the far right hand column to flag an account as requiring a password change at the next login. Create/Delete support setting this flag at admin account creation time.

Login Hours

The new Login Hours function under the System tab lets you specify hours of the day and days of the week administrators may log into the system. Policy is enforced on a per administrator role basis.


  • The 1500 character input limit on tickets has been removed. Now you may enter as long a ticket note as you need.
  • Added ability to open a ticket in a new window. Clicking the icon to the left of the subject line, in View Summary, opens a new window at View Ticket for the selected ticket ID.
  • Added Archive/Delete function to delete or archive tickets en masse

Machine Changes Report

The Machine Changes report lets you compare all hardware and software differences between all selected machine's latest audit and either their own baseline audit or an audit from a single selected machine. Use this report to identify differences between a reference machine and all other machines on your network.

System Info

Changed this function to display data for one machine at a time, like Installed Apps and SW Licenses.

Alerts Tab

This release has renamed the tab formerly known as Monitor to Alerts. The functions under the Alerts tab focus exclusively on the alerting functions built into the standard system.

  • LAN Watch has moved to the Client tab.
  • Task Manager has moved to the Remote Cntl tab.

Admin Email Address

Master administrators can now set the email address of any administrator on the Create/Delete function in the Admin Accounts section under the System tab. Click the edit icon next to any email address to change it.


Modified Windows Firewall on XP to temporarily approve the FTP process during the FTP session. This prevents the Windows Block/Unblock dialog from popping up on remote user's screens.

Patch Deploy Wizard

Added ability to download a patch from a URL in the script built by this wizard.

Client Temp Directory

This release adds a new function named Temp Directory under the Client tab. This function lets you specify the directory used by the client to store temporary files.

Get Variable Script Command

This release adds the following options to the GetVariable script command: Client Temp Directory, file size, and file last modified date.

Run Now

A Run Now button has been added to scheduled scripts and tasks. Use this button to run the task immediately without modifying any existing recurring schedules applied for that task.

Bandwidth Throttle

You can now set a maximum bandwidth consumed by the client. Set the Bandwidth Throttle value in the Check-in Control function, under the Client tab, to the desired maximum rate. The default value is disabled to let the client use all available bandwidth.

File downloading

File extensions used for ticket attachments and Get File items had their file extensions changed to force some browser versions to download them correctly. IIS 6 (used by Windows Server 2003) blocks unknown file extensions by default. With this release, any files requiring new extensions have a .bin added to the end of the existing filename. IIS 6 recognizes the .bin extension by default.


Fixed a bug in the Migrate function that prevented public scripts and reports from importing properly.

Script Error Logging

Checking the "Continue script if step fails" check box, found on each script line, continues executing the script if that step fails. You can now optionally enable/disable logging of messages to the script log when a step fails but the script continues executing. To enable logging check the "Enable logging of script errors marked" found on the Configure function under the System tab.

First function after logon

You can now specify the first function displayed after logging into the system. Select the desired function from the drop down control in the Preferences function, under the System tab.

Client Menu Customization

You can now specify the tool tip appearing when the mouse hovers over the client icon. You can also customize the Contact Administrator label.

Client Installer Customization

You can now use a command line option to specify the title in the progress and dialog box windows shown to the user during installation of the Client. The Client installer also supports a new command line option to install with remote control disabled. To remote control the machine after installing with this new option, a user must first select the Enable Remote Control menu item from the client icon.

Task Manager

As mentioned above, Task Manager has been moved to the Remote Cntl tab. In addition, the Task Manager results window now provides a link to get more information about the reported process. Clicking the process name opens a new window describing any available information about what the process is used for and which company provides that process.

Reset Machine Filter

There is a new Reset button at the top where you can filter down the machines displayed with each function. Clicking the Reset button removes any filtering. Use this function when administrators can not find a machine and you feel they have a filter set up that restricts their view.

MSDE 2000 Service Pack 4

The Kaseya server installation with database engine now installs Service Pack 4 of the Microsoft SQL Server 2000 Desktop Engine (MSDE).

New features in v4.4.1.0 - 8 April 2005
Change Group function and several maintenance updates.

Change Group

A new function under the Agent tab named Change Group lets you move several machines into a new machine group at once. Use this command to re-organize machines by group.

Advanced Filter Notification

The advanced filter option, used in several reports and the Installed Apps function, now display Filter Active when the advanced filter is set, to limit the application list display. The system provides this notification as a quick visual aid to help determine why expected results do not appear in a report.

Manage Files

The Manage Files tool, accessed through the script editor, has expanded capability in this release. All files, both private and shared, are displayed as links allowing you to directly download any managed file directly through web interface. Click new icon on the Scripts toolbar to get direct access to the Manage Files screen.

Patch Reboot Option

The Do not reboot after update option, on the Reboot Action function under the Patch Mgmt tab, has an additional parameter to send out an email when the patch install completes. Set this option when you have a server, or some other unattended machine, being patched that you do not want to reboot after a patch install. Instead, the system sends you an email reminding you that a new patch has been installed and may not take effect until you reboot the server.

Database Clock Synchronization

v4.4 introduced the ability to separate the database from the rest of the Kaseya server. If you ran your database on a separate server, v4.4 required the clocks on the two servers to be roughly in sync with each other. This update removes that restriction. Server time now uses only the time on the database server as a reference.

Audit Update

Fixed an Agent bug that would occasionally not update the application audit list when applications were removed from a managed machine. This fix requires an Agent update.

Remote Control Encrypt

Encryption is now always on for both Control Machine and FTP. Prior to this release, encryption could be turned on or off as an option. Now the same encryption used to protect all other agent to server communications, protects remote control.

Edit Profile

Edit Profile under the Agent tab has been re-written to all multiple machines to be assigned the same contact information at once. Prior released used the Contact Name as a possible login credential, recuiring each contact name to be unique. User Acess provides the unique user login so Edit Profile no longer has this restriction.

Script Special Character

Scripts use the # character to identify named script variables (eg. #scriptVar#). Now the script editor lets you enter a # character in any parameter (if needed) without interpreting that as a script variable. Scripts interpret ## as a single # in any parameter field.

New features in v4.4.0.0 - 11 March 2005
Scripts Tab, Ticketing, Patch Management, Machine Summary, and more..

Database Separation

Kaseya now supports separating the SQL 2000 database to a different machine than the server running IIS. There is now a Change DB... button in the Configure function under the System Tab. For detailed instructions to separate your database server, see the online help for the Configure function.

Patch Management File Source

A new option has been added to the Pulled from file server option. The agent on the LAN server can now be configured to pull each patch file from the Internet or directly from the system server. Use the second option if your LAN does not have direct access to the Internet.

Patch Management Reboot Action

Reboot Action under the Patch Mgmt tab has been enhanced as follows:

  • A new option named If user logged in ask to reboot every N minutes until the reboot occurs. Use this option to nag users into rebooting without requiring then to reboot after a new patch installation. You may set N to be any number of minutes you choose.
  • All other 5 minute warnings are now programmable. You can choose any number of minutes you need.
  • Skip update if user logged in, has been changed to Skip reboot if user logged in to conform to the rest of the reboot options.


  • The system now prevents notifications being sent to the same email address used to process new tickets (defined in Email Reader).
  • A new drop down control remembers the last 10 ticket searches made by each administrator in the View Summary function.
  • The View Ticket function has a new button named Last Search. Clicking this button returns to View Summary and displays the results of your last search.
  • Displaying a ticket from the search results now displays all the ticket notes with the search key words highlighted so you can quickly find the section of interest in the notes.

Machine Summary

Clicking the status icon for any machine ID opens the Machine Summary interface. This release greatly expands functionality and enhances the user interface. Independent windows for each machine ID may be open simultaneously. The system divides functions into tabs, providing more screen space for each function, as follows:

  • Machine Info - Lists computer and network information collected by audit.
  • Installed Applications - Lists all applications found by audit.
  • System Info - Displays system info for this machine ID.
  • Disk Volumes - Lists disk information collected by audit.
  • PCI & Disk Hardware - Lists PCI information collected by audit.
  • Printers - Lists printer information collected by audit.
  • Pending Scripts - Lists all pending scripts plus a summary of recent script history. You may also end script schedules as well as schedule new scripts to run here.
  • Agent Logs - View all logs, of any type, for this machine ID.
  • Alerts - View and modify alert setup for this machine ID.
  • Patch Status - Displays patch configuration setup. Also displaysPatch History or Machine Update for this machine ID
  • Remote Control - Initiate remote control, ftp, or chat for this machine ID. Can also change remote control package type, preinstall or uninstall remote control package, and reset the password for this machine ID.
  • Agent Settings - Display or modify agent configuration information forCheck-In Control, Log Settings, and Edit Profile.

Scripts Tab

The Install tab has been renamed to Scripts. Two new functions have been added to this tab. Script Status moved from the Agent tab to the Scripts tab. The new Distribution function is also under the Scripts tab.


The Distribution under the Scripts tab displays a graphical view showing the time of day each recurring script executes for a group of machines. Some scripts heavily load both the network and the server. This tool provides a quick and easy way to evenly distribute that load across any time interval you choose.

Script Organization

Scripts are now grouped into three categories: My Scripts contains all private scripts for the currently logged in administrator. Public Script groups all the scripts available to all administrators together. Sample Scripts contain samples delivered with the system. You can also approve or deny access to each script category with Function Access under the System Tab.

Copy Settings

The Copy Settings under the Agent tab lets you copy all configuration data from one machine ID to any number of other machine IDs. Effected settings include pending script scheduled, alert setup, check-in control, log settings, audit configuration, patch configuration, and remote control configuration.

Set Credential

Set a login credential for the agent to use in Patch Management and the Use Credential script command. If a credential is present, then patch management installs all new patches using this credential. Therefore, Set Credential should always be an administrator credential.

Script Command Updates

  • The Script IF command now supports Contains and Not Contain comparisons for Check Variable and Check Registry Value. This comparison functions allows you to check whether a substring is contained within any script variable or registry value.
  • The IF Check Registry Value command has been fixed so that it can obtain the unnamed (Default) value from a registry key. Add a backslash as the last character in the path to the registry value to indicate to the script that the Agent should return the (Default) value. e.g. A scirpt IF Check Registry Value command with the name 'HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionApp PathsWORDPAD.EXE' will cause the Agent to return the content of the (Default) value '%ProgramFiles%Windows NTAccessoriesWORDPAD.EXE' for the script IF command to check.
  • The Impersonate User script command has been updated to now operate on Windows XP with Service Pack 2 and Windows Server 2003, in addition to Windows 2000, XP Gold, and XP with Service Pack 1. This script command allows the use of specific user credentials to execute a file or shell command. This feature requires an Agent update.
  • Added script environment variable expansion to Script IF User response is Yes and to Execute Script commands.
  • Added Use Credential script command that uses the login credential assigned to each machine to run script steps that Executes as user. You may set a login credential for each machine using the Set Credential command under the Agent tab. Use Use Credential to execute a script with different login credentials on each machine. Use Impersonate User to execute a script with the same credential on each machine.

Event Log Alerts

You can now set multiple independent event sets for each event log alert. This lets you define event sets to detect specific application behavior. Then you can alert on many different sets without having to combine all the events into a single set.

A link to www.netid.net has been embedded into each event log alert email and the event log displays. Click the link to get more details and discussions of the particular event.

Install MSIExec Sample Script

A new sample script in the Sample ScriptsInstalls script folder under the Scripts Tab (formerly the Install Tab) installs MSIExec.exe on operatings systems that do not come with MSIExec by default. Win9x, NT4, and Win2000 do not automatically come with MSIExec. Some patches are distributed as MSI files and require MSIExec to install. Use this script when you need to deploy MSI packages to older machines without MSIExec already installed.

Function Access

Function Access under the System Tab can now give report group access to any administrator group.

Contact Administrator Link

Double clicking the agent icon selects the default item from the agent menu, Contact Administrator.... By default, this logs into the user access page with the access rights for that machine ID. You can now change that URL to anything you like. Optionally, you can also pass in the machine ID and/or group ID used by that agent in your custom URL.

Agent RAM audit

The Agent now correctly reports the amount of RAM on a machine that has more than 2 GBytes installed. This feature requires an Agent update.

Event Log Compression

The Agent now compresses repeated event log entries into a single entry to reduce the volume and processing load. The Agent adds the number of compressed events to the description of the single event log entry reported to the KServer. This feature requires an Agent update.

TCP/IP Connection Keep-Alive

A TCP/IP connection between an Agent and KServer may be dropped by router devices due to an idle timeout. For example, a NAT router may remove from its internal tables any connection that has not transmitted data in 15 minutes, which may be exceeded by an Agent auditing a machine with large disk drives or executing a large patch update. The result is a dropped connection that prevents the Agent from reporting that it completed the task, and so the KServer requests that the Agent perform the same task again at the next checkin. The Agent now keeps the connection open by periodically sending a keep-alive message during long running tasks. This feature requires an Agent update.

Check-in Policy

A global policy control has been added to the Check-in Policy function under the System Tab. A new checkbox labeled Allow automatic account creation for groups without a policy lets master administrators determine if new accounts may be automatically created when an agent first checks in for group IDs that do not have any check-in policy set. The default value allows automatic account creation.

Admin History

The Admin History function under the System Tab records the functions visited by each administrator. The system stores the last 30 days worth of activity, including all logins.

System Log

The System Log function under the System Tab records the last 60 days of system related activity not associated with any particular machine ID. Some examples include:

  • Deleting machine IDs
  • Failed and successful login attempts
  • Video streaming sessions
  • Starting/stopping of the KServer
  • Deleting trouble tickets assigned to a group (not a machine)
  • Scheduling reports

Alert Summary

A new Summary setting in the Alerts function under the Monitor tab displays a quick view summary showing what alerts are active on each machine. The email recipients list for each alert type appears if the alert is active on that machine ID. Active alert labels become links to the details for that alert. Clicking the link automatically selects the specific alert type and populates the form with the settings active in that alert.

Date format

The date format displayed has been changed to 9:55:50 pm 9-Jan-05 or 21:55:50 9-Jan-05. These formats are directly supported by Microsoft Excel and will support direct exporting of date fields in reports.

View Filter

Two new OS Type selection options have been added to views. All Servers lists only machine IDs with a server operating system loaded (2003, Server 2000, or NT Server). All Workstations lists non-server operating systems. Use this new view to quickly display only one class of machine.

Alert Email Management

Alerts, under the Monitor tab, has an enhanced editing feature allowing you to more easily manage the notification email addresses. Below the Email Recipients edit box, two new radio controls and a Remove button has been added. Selecting Add to current list (the default) will add the email address to the existing notification list. This prevents someone from inadvertantly over-writing the email list with just their email address. Select Resplace list to over-write the current list with a new list. Click the Remove button to quickly remove an email address for the list without alerting any other alert setting.

Skip if offline

Run Audit and System Info, under the Audit tab, now support the Skip if Offline flag. This lets you control exactly when a recurring audit runs. If the machine if offline at the scheduled time, audit gets rescheduled to run at the next scheduled time rather than at the very next checkin.

Logs Report

The Logs Report function under the Reports tab has been modified to run Event Log reports for any event log type, in addition to individual reports for the Application, Security, and System event logs.

Powered By Kaseya

Formerly the Powered By Kaseya logo that appeared in the top right corner of the web page when you replaced the Kaseya logo. The Powered By Kaseya logo no longer appears in the upper right corner of the web page. Instead, a smaller less obvious logo is displayed with the copyright notice at the bottom of each web page.

New features in v4.3.0.0 - 12 December 2004
Ticketing, Protection Functions, and more..

Email Created Tickets

With this release, the system may be configured to automatically create new tickets from an email. The ticketing system polls a POP email account and creates new tickets or add notes to existing tickets using the data from received emails. This feature lets you reply to an email and automatically add that data to a new or existing ticket. The Email Mapping function under the Ticketing Tab allows a set of defaults to be set-up to fill in the needed fields based on the email address or domain of the email address. Special tags can be put in an email to set field values specifically for an email. The special tags can affect the machine id, category, status, assignee, or priority. This special tag facility is how an existing ticket can have additional notes added.

Automatic Response

As an option in Notify Policy you can specify to send an automatic response email to the originator of an email created ticket. Master administrators can specify the canned message sent in reply to these emails. Use this message to let your users know their request has been received and is in process.

Assign Tickets to Groups

The ticketing system now allows tickets to be entered and associated with a machine group or a specific machine id. This facility allows issues that are not specific to a machine to be entered. An example of a specific tag would be ~ticid=532. A full list of these tags is provided in the help information .

Ticket Search

Search, part of the View Summary function under the Ticketing tab, restricts the list of tickets to only tickets containing any of the words in the search string. Search examines the ticket summary line, submitter name, submitter email, submitter phone, or any of the notes. Use the * character as a wildcard in the search string.

Ticket Merge

Merge lets you combine two tickets into one. Use Merge to combine related tickets. The resulting merged ticket contains all the notes and attachments from both tickets. Merge asks you which field values you wish to use in the ticket for all field values that are different between the two tickets. Merge is part of the View Summary function under the Ticketing tab.

Custom Fields

The Edit Fields function under the Ticketing Tab allow master administrators to create any number of new fields shown in tickets. New fields may be stings, drop down lists, or numbers. You can limit who sees or can modify each ticket field with the Access Policy function. Master administrators set each ticket field to Full Access, View Only, or Hidden on a per administrator group basis. You can also set access for users. Any change to a field setting automatically enters a new note for that ticket to log the change (this may be disabled in the Access Policy function).

Hidden Notes

Administrators can now add hidden notes to tickets that can only be viewed by administrators granted access to hidden notes in the Access Policy function. Use hidden notes to add comments or details you want to record and share with other administrators but not users or restricted administrators. Hidden notes are never included in email notifications.

Due Date Policy

Set the due date for each new ticket based on field values. Any combination of list fields may be defined to set a due date. This allows you to set a ticket due date based on the urgency of the ticket and a guaranteed level of service. You can manually override the due date policy on any ticket (if that administrator or user is given rights to edit the due date). Due dates that violate a policy are clearly highlighted.

Multiple Notify Policies per Group

You can now add multiple policies to each group ID in the Notify Policy function under the Ticketing Tab. This allows you do set separate email lists for each policy. For instance, you can set one email list for normal notifications, and a different email list for past due notification. When the assignee changes on any ticket, that administrator is always send a notification even if he is not on the notification list.

Ticket Read Flag

The system now flags when a ticket has been viewed by an administrator. Once viewed, each ticket is marked as read in the View Summary function under the Ticketing Tab. If any user or other administrator adds a note to that ticket, the original administrators View Summary displays shows the ticket as unread. Use this function to quickly identify tickets that have new information.

Submitter Information Fields

New fields have been provided for collecting the ticket's submitter, contact name, contact email and contact phone. These fields will default to user information of the user associated with a machine. These fields can be updated by an administrator where appropriate.

Agent Status Display

The Agent Status function under the Agent Tab is now fully customizable. You can add/more/delete any column of data from this page. Available columns include all the same columns available in the Aggregate Table report. Customize this page to give you an at a glance view of all your managed machines.

Application Audit

Audit now reports all instances of every application (.exe file). Prior to this release audit reported only one copy of an application if multiple were found.

Agent Network Monitor

A recent hotfix to the IPSEC portion of the TCP/IP stack introduced a conflict with the Network Monitoring driver (primarily on Windows Server 2003). The agent update with this release corrects that conflict. The Network Monitoring driver may be safely re-enabled. The new driver loads on the client machine the next time the system restarts.

Protection Functions

The Application Blocker and File Access can now block an application or protect a file located in any directory as well as in a specific directory. That means that you can block access to a file without worrying about the path. For example, if you block access to notepad.exe then the agent blocks all copies of notepad.exe on that machine. Protected/blocked files can not be renamed, moved, or deleted. This feature requires an Agent update on the managed machines.

Impersonate User Script Command

The Execute File and Execute Shell Command script commands may now be executed as a specific user. The new Impersonate User script command enables an administrator to specify the login credentials when a file or shell command is executed as the user. Using this command overrides executing as the user currently logged on. This feature requires an Agent update on the managed machines.

Get File Version

The option to get a the version number of a file has been added to the Get Variable script command. After retrieving the version number, then script variable may be used in subsequent IF script command statements for comparison against a specified value. This feature requires an Agent update on the managed machines.

Executive Summary Report

You can now customize the scoring algorithm for the Network Health Score on the Executive Summary Report. You can add more or less weight (or disable) to any of the five components that make up the score. The report now also has a fully customizable How to read this report section at the end of the report.

Aggregate Table Report

Group ID has been added to the Aggregate Table Report. By placing Group ID at the top of the item list, you can generate a report sorted by group ID.

Patch Management Report

The pie charts and summary tables now exclude all missing patches if they are marked as ignore in a Patch Approval policy.

Dashboard Tasks

The Tasks function on the Dashboard has been enhanced with this release. A reminder pops up when any task becomes past due. In the reminder dialog, you can ask the system to remind you again in a selectable period of time or simply dismiss the reminder. The main display now lets you edit existing tasks on your list and change the due date or text description.

Agent Download Page

You can now specify which packages are listed on the agent download page (dl.asp) when no id value is passed in. Check which packages appear in the list on the Deploy Agents function under the Agent tab. Only Master administrators can edit this list.

Default theme

You can now change the logo on the default theme to your own logo. Click on the Customize function under the System tab. Then click the last customize link labeled 'Customize the graphical user interface'. The customization page pops up. Scroll to the bottom and enter a new graphic image in the section labeled Corporate Logo.

Long Machine ID Display

You can now select different display rules when displaying long machine IDs. Each administrator specifies a display format in Preferences under the System Tab. You can select the normal format (that restricts the name length in order to preserve web page formatting) or a new selection that displays the entire machine name and allows it to wrap to new lines where needed.

Kaseya Hotfix reload

The Kaseya server can pull down and apply available hotfixes to itself when it runs Refresh patch database. At the same time, the server checks for any available hotfixes. If it finds new hotfixes that have not already been applied then the server downloads the hotfix and installs them. Click the Reload button to reload all hotfixes for your current Kaseya version number. Click the Scan Machine function under the Patch Mgmt tab to schedule Refresh patch database.

Event Log Alert Processing

The system now automatically compensates when any managed machine floods they system with event log entries. If more than 400 event logs are received in any 3 minute period, the system disables event log collection for that log on that machine.

New features in v4.2.0.0 - 30 September 2004
Dashboard, Collections, Improved Patch Management, and more.


The first function on the home page, View Dashboard, displays a quick summary of machine activity and highlights actions that need attention. The Layout function lets you customize the display of the dashboard. Dashboard items are:

  • System Status - Quick view listing status of system accounts and the database
  • Alerts - Lists recently generated alerts on all machines matching the current Machine ID / Group ID filter. This table displays alerts generated in the last 1 day in red, and in the last 7 days in yellow, highlighting recent events. You can adjust these thresholds.
  • Agent Status - Quick view showing the total number of machine online, offline, where a user is currently logged on, total under management, and a summary of all gateway addresses reported.
  • Patch Status - Pie chart showing machines missing patches.
  • Operating Systems - Pie chart showing operating system types for all machines.
  • Tickets - List all non-closed tickets assigned to you or are unassigned.
  • Messages - Send and receive messages between administrators. New messages displayed in popup window when the dashboard is viewed next.
  • Tasks - Create and assign tasks to yourself and/or other administrators. New tasks displayed in popup window when the dashboard is viewed next.

Machine Collections

The Machine Collections section under the Agent tab lets you create an arbitrary group of machines. Combine machines from multiple group IDs into a single collection and set up a View to work with just those machines. Collections are a powerful tool that works in conjunction with patch management, reports, and all the other features of the system.

Patch Management

The patch management system has been significantly improved as follows:

  • Now supports automatic detection and distribution of language specific patches. This release now detects the language your OS is loaded as, and deploys the patch corresponding needed by that language where applicable.
  • Detects if a reboot is needed after applying a patch. If the machine did not reboot, then a status Awaiting Reboot is displayed.
  • Automatic update can now be scheduled to run on a specific day of the week in addition to the time of day.
  • Reboot can be scheduled for a different time of day and day of week following a patch install.
  • Patch Approval for automatic update. Patches can now be approved/denied before going out as part of automatic update. With this you can set machines for automatic update and still have control over what patches push out or not. Patch approval lists can be independently set up on a per collection basis
  • Machine Update - You can now view and schedule patches on an individual machine basis. The Patch Update, formerly Apply Update, provides an easy way to push out a patch to all the machines in a group. Machine Update provides the complement to this function by drilling down to a single machine.
  • Patch Management Report - Two new fields are available in this report.
    Show patches installed in the last N days - Adds a new set of tables, one per machine, and list all patches installed by the system in the last N days.
    Bulletin ID Filter - Only display patches whose bulletin ID match pass the filter.
  • Command Line Switches - Two special command line switches are now processed for any patch. These are Kaseya system directives and are not passed to the installer program.
    /INSTALL-AS-USER - Forces the package to be installed as a user. If the user is not currently logged on then the install attempt is aborted.
    /DELAY-AFTER=xxx - After the install completes delay xxx seconds before proceeding. Use this switch to delay before the reboot occurs if required by the patch.
  • Silent patch download - the patch downloader has been rewritten to no longer show a command shell window in the task bar.

Database Views

A set of database views has been provided to allow clients to directly access data within the Kaseya repository. These views can be used by to bring data into a spreadsheet for analysis or to prepare reports. The online help provides a description detailing how the master administrator provides view access to users within their organization. Basic walkthroughs and two example applications, Crystal Reporting and Microsoft Excel.

Deploy Agents Wizard

You can now add any agent installer command line switches to an Agent Install Package. Step 3 of the wizard shows all the command line switches being used and lets you add in more. With this, you can create standard silent installs that install into any directory.


  • Executive Summary Report - This new report summarizes the status and health of all selected machines in one quick view. The report computes an overall score projecting the over all health of the managed group of machines.
  • Defining a collection in a view enables all reports to run using the list of machines defined in a collection.
  • The report logo has been enhanced to let you provide the entire report header of each report. Your own HTML can now appear across the full width of the top of each report.
  • Next to each report's Export is a checkbox labeled Remove header from the exported report page textis now customizable. Check to remove the header information and logo from the exported report to send just the data to Excel or Word.
  • The Aggregate Table report now has an additional column labeled Last Reboot listing the last known reboot time for each machine.
  • The Disk Utilization report has a new chart available. You can now generate a bar chart as a function of percent of disk full in addition to the two original report types (disk size bar chart and table of raw data).


  • A master administrator can set the default report logo seen by other administrators under the Report Logo function. Enter your default HTML in the section of the Customize function labeled Header HTML shown on all reports.
  • Download agent page text is now customizable. Enter your default HTML in the section of the Customize function labeled HTML displayed on agent download page. to insert link to package.
  • We have been informed that the copyright notice must state Kaseya in order to protect our rights to this product. As such, the copyright notice is no longer modifiable.

Last Reboot

The Agent Status function under the Agent tab now lists the last known reboot of each machine. The reset time is determined by the agent so reboot time is only determined after the agent is in place.

Install Wizards

Both the Patch Deploy and Application Deploy wizards now explicitly support distribution of MSI installation packages using the Microsoft Windows Installer.

Event Log Sets

Event Log Sets let you refine the matching filters used by event log monitoring nd event log reporting. With an event log set you can define complete filter parameters for individual events, and group them together into a set. For example, you can set up an event log set entry to only alert on event ID 1000 when the source is Internet Explorer. Each set may contain any number of event log definition filters.

Script Import

A new Script Import icon is displayed on the scripts toolbar. Clicking this (or the Import Script link in the script editor, opens the script import window. In addition to a button to upload a script file, there is now a place to paste in script text directly. There is also a link to a public forum where scripts can be shared with other users. The Export Script link in the script editor may also be used to submit scripts to this forum.

Send Email Script Command

The new Send Email script command allows any script to send an email. Input parameters are to address, email subject line, and email body. In support of this new command, the Get Variable command has been enhanced to let the script dynamically determine the machine ID the script is executing on. Combine this with Send Email to include the relevant machine ID in each email.

Ticketing Notification

Every email notification generated by the ticketing system, now includes a URL link referencing the ticket. Clicking the link to opens the corresponding ticket in a browser. If you are not already logged into the system, you will be prompted to log in first, and then automatically redirected to the ticket.

Tickets are now color coded in to highlight tickets that have been recently modified. Tickets that have had notes added or modified in the last 1 day show in red. Tickets modified in the last 7 days show in yellow. You can adjust these thresholds with the Dashboard Layout function.

Log Management

You can now set the maximum age limit for log entries independently for each log type. The Log Settings function under the Agent tab now provides a unique setting for alert log, agent log, configuration changes log, network statistics log, and script log. Event logs (application, security, and system) are limited to the 500 most recent entries each.

LAN Watch

The IP address range used by LAN Watch is configurable now. You can scan any IP range you want rather than only scanning the subnet set for that particular machine. The maximum allowable range is 65,536 contiguous addresses.

Preinstall Remote Control

The new Preinstall RC function under the Remote Cntl tab, lets you pre-load either WinVNC or RAdmin on any machine. Use this function to eliminate the extra wait for remote control install the first time you try to remote control a machine. A pending remote control install will be copied from a template account when a new machine ID is created, so you can combine the preinstall with new agent deployment.

Status Monitor

The Status monitor pop up window now supports Views just like the main machine filter control.

New features in v4.1.1.0 - 30 July 2004
Subgroups, Views, Patch Alerts, and more.

Machine Selection Control

The machine selection controls, located in area below the tab bar header and above all data displays, has been greatly enhanced with this release.

  • The Machine ID filter no longer requires a wildcard character (*). There is always an implied wildcard at the end of the string. You can still use the wildcard (*) anywhere in a string.
  • The page selector control has moved from the bottom of each data page to its new more convenient location below Machine ID. Now you always change pages from the same spot using a control that is always visible no matter where the data display is scrolled to.
  • The Select Machine Group control now supports machine subgroups. To maintain simple alphabetical ordering, machine groups are ordered from left to right with parent groups appearing first. eg. machname.group.subgroup.
  • A new Select View control sort machines on a wide variety of parameters, not just machine ID. eg. OS type.


Views allow you to display only the machines you are currently interested in. Define as many unique views as you need then quickly switch from view to view using the Select View control. Click the Edit button to create and/or modify views. Views in this release support:

  • Force a machine ID filter. This overrides a machine ID filter selection with the filter you set in this view.
  • Force group ID. Automatically change the group ID selected when this view is selected.
  • Show machine that have/have not been on line for a period of time. Quickly find only the machines that are currently online and available or identify machines that have not connected in weeks.
  • Connection gateway filter. Only list machines that are connecting to the server though the specified connection gateway IP address. You may use wildcards (*) in this field.
  • IP address filter. Only display machines whose IP address matches this filter. You may use wildcards (*) in this field.
  • OS Type. Only display machines running the specified operating system.
  • OS version filter. Only display machines matching the version string (see Name/OS Info function under the Audit tab). You may use wildcards (*) in this field.
  • Script schedule status. You may display machines based on how a specified script has run in last n days, has not run in last n days, passed, failed, is currently scheduled to run or not.

Machine Subgroups

Machine groups can now be divided into subgroups giving you significantly more ability to organize your machines to easily map into any organization structure. Subgroups may be created by either master or standard administrators. (Only master administrators may create top level machine groups.) Define subgroups using Machine Groups Create/Delete function under the System tab.

Admin Group
Function Access

Master administrators can now restrict any admin group to a sub set of the total system functions. For each admin group, you can turn on/off any of the VSA's functions and tabs. For example, you can prevent a class of administrators from accessing remote control and scripts, but still allow them to see audit and ticketing.

Alert triggered scripts

Task an alert to trigger any script you define with the Alerts function under the Monitor tab. You can run the script on the machine that triggered the alert or on any other machine you specify. The same data reported in the alert, is also passed to the script through temporary variables so your scripts may be highly customized. See online help for Alerts for details.

Patch Management -

Alerts are now part of the patch management system. The system sends the selected administrator an email alert when ever Scan Machine discovers one of the three different patch alert cases:

  1. A new patch is available for the selected Machine ID.
  2. A patch installation failed on the selected Machine ID.
  3. The patch location for a new patch available for any machine is missing. See Patch Location for details.

Patch Management -
Reboot Action

Reboot Action options have doubled. You get significantly more control to better fit your user's work habits. The three new settings are:

  • Warn user that machine will reboot in 5 minutes (without asking permission).
  • Skip update if user logged in.
  • If user logged in ask permission. Reboot if no response in 5 minutes. Reboot if user not logged in.
  • If user logged in ask permission. Do nothing if no response in 5 minutes. Reboot if user not logged in.

Patch Management -

  • Bulletin IDs are now linked to Microsoft's TechNet web site. TechNet provides detailed information about the bulletin in addition to the knowledge base Q references.
  • Patch deployment deletes the patch install package from the client machine after installation. You can now direct the system to leave the package in place by unchecking Delete package after install in the File Source function.

New Agent

  • Fixed problem in the network protection driver that conflicted with Active Directory. The network protection driver needs to be present prior to system logon. The prior version loaded dynamically when the agent loaded. Now, the driver loads at boot time so it only loads (or unloads) after a reboot. This approach also eliminates having to close and reopen browser windows when network protection activates.
  • The Agent now caches the last known server connection information. The last known connection data allows an Agent to reconnect even if the primary and secondary KServer addresses are set to invalid addresses on the Check-In Control page.
  • Execute File tasks will time out automatically after 2 hours to avoid hanging the Agent checkin process, for example waiting for user input to an unattended patch update executable that is running with incorrect command line parameters.
  • Supports a new KServer request to postpone a checkin if the server is experiencing high utilization. This allows the Agent to check in without adding significant processing to the server load. When the server load drops, the Agent will then be able to check in and perform the postponed tasks.
  • Missing sub-directories in file paths are now automatically created for files sent to the Agent with the Distribute File function.

Printers -
Full column width

Printers, under the Audit tab, will now display the full path names of all items. Check or uncheck the Full column width box to toggle between normal display and full column width display.

Reset Password

You can now create new local accounts on any managed machine using the Reset Password function under the Remote Cntl tab. If an account name does not already exist, then check the 'Create new account' checkbox and enter the new account name and password.

License Summary Report

This release contains a new Software Report titled License Summary. This report provides an at a glance view summarizing the number of machines running each operating system type, Microsoft Office type, and all other licensed applications discovered during the recurring audit.

Aggregate Table Report

Several new fields have been added with this release.

  • First Checkin Time - Timestamp when this agent first connected to the server.
  • Agent Version - Version number of the agent.
  • User Access Logon - Logon name for a user granted logon access under the User Access function.
  • User Access Remote Cntl - Shows whether remote control access has been granted to a user for this machine.
  • User Access Ticketing - Shows whether users can enter tickets for this machine.
  • User Access Chat - Shows whether chat is allowed for a user of this machine.
  • Primary KServer - Primary KServer address and port this agent is set to.
  • Secondary KServer - Secondary KServer address and port this agent is set to.
  • Quick Checkin Period - Quick checkin period for this agent.

Remote Control

This release supports upgraded versions of WinVNC (v4.0) and Remote Administrator (v2.2).

Run Windows Script

A new sample script titled Run Windows Script as been added to Sample ScriptsConfig Changes folder in the scripts area under the Install tab. This script shows how to deploy and run a Windows Script Host (WSH) script on any machine. Typically run either VBS or JScript scripts. This example JScript file writes a test error message to the Application Event Log.

System Info Scheduler

You can now schedule System Info collection to automatically run on a recurring basis.

New features in v4.0.3.0 - 30 March 2004
Windows 2003 server support.

Windows 2003 Server with IIS 6 Install

The Kaseya server may now be installed on Windows 2003 running IIS 6. The agent has supported Windows 2003 since version 3 of Kaseya.

Patch Management Report

Added graphical charts to the patch management report. These charts give an at a glance view of the patch status of all your machines.

View Ticket

Added a link to the machine interface popup window on each ticket. Clicking the machine ID link opens the machine summary window for the machine the ticket was issued against. Now you can have all information for the problem machine with one click, including the ability to launch remote control.

LAN Watch

Allow maximum address range scanned to be set from 8-bit to 15-bit address space. In previous versions the address range was limited to 8-bit (255 addresses).

Naming Policy

You can now add multiple name policies per machine group ID. This lets you rename machines in different IP ranges into the same group ID.

New features in v4.0.2.1 - 5 March 2004
Maintenance Release.

Patch Management

Improved detection and distribution of older patches, particularly for Windows NT4. Added ability to manually apply patches for machines set for Automatic Update. Added support for MDAC.

New GUI Theme

Added a new theme to the web GUI customization (Enterprise Edition only). Select Login Policy, under the System Tab, and click the bottom Customize link. Then select 'Banner' from the theme drop down control. There is now a Home link in the top tab area that brings you back to the start page seen immediately after login.

Agent Dialup Connection Fix

Fixed a problem introduced in version in which the Agent never detected the presence of a dialup connection, and therefore never connected back to the VSA server.

Custom Agent Icon

In addition to displaying your own icon for the Agent in the system tray with the Enterprise Edition, the Agent now also displays your custom icon in the dialog boxes that the Agent presents to the user.

User Login

A separate user login value is now saved for each user. Login Name is set in the User Access function under the Agent tab and is securely bound to the password. Contact Name is no longer used for this function and is free to be used for its original function of holding the computer user's name. Existing users will not be able to log in with the Contact Name. They must log in with the machine ID and the reset their login name (or the administrator may reset their password and set a new login name for them).

Database Maintenance Time

The Configure function under the System Tab now lets you set the time of day maintenance will be scheduled instead of always running at 02:00.

LAN Watch/Install Agents

Fixed a bug that prevented more than one agent from being installed at a time.

New features in v4.0.1.0 - 30 January 2004
Patch Management, New GUI, Script Manager, and more.

Graphical User Interface

The VSA user interface has been reworked to better organize functions and modernize the look and feel. The login pages, for both users and administrators, can be completely customized by a Master administrator using the Login Policy function under the system tab. The Enterprise Edition supports full customization of the entire web site and lets you replace the agent system tray icon with your own icon. See the Customize functions on the Login Policy function under the System tab.

Patch Management

Automated patch management has been added. The VSA will automatically detect when new patches need to be applied to each managed machine and install them. You can configure each machine to automatically install all patches or decide on a patch by patch basis for all machines in a group.

Deploy Agents

Added Deploy Agents and Agent Status (replacing Machine Accounts). This allows each administrator to define their own default agent package. Multiple install packages can also be created and deployed. You can now also share install packages with other administrators by clicking the Share button next to each install package definition. Install Agents now lets you select an install package to deploy (rather than use the default agent).

Admin Groups

You can now create groups of administrators and assign rights to those groups. Adding a new administrator to a group automatically gives that administrator all the rights and privileges assigned to that group. Each administrator group defines which machine group IDs they get access to, who they can share scripts and agent install packages with. Administrators may belong to multiple administrator groups.

Script Management

All scripts now live under the install tab and may be nested into folders. Share rights may, like Deploy Agents, also may be applied to scripts. This lets you share scripts with just any number of selected administrators without making the script public to all administrators.

Script Scheduler

Modified script scheduler to allow scripts to be scheduled to run on a recurring day of the month. Also there is not a checkbox to tell a script to not run if the agent is offline at the appointed time.

Page Control

There is a new control for selecting different pages of data on each screen. The page numbers have been replaced with a drop down control listing the first machine ID of each page in alphabetical order. This new tool allows you to quickly locate the page with any specific machine ID.

Get File Fix

Fixed a bug in the Get File script command that caused large file transfers to take exceptionally long.

Pending Scripts

Added a delete function to the Pending Scripts table in the single machine interface. This will let you remove any pending script from a machine if you need to.

New Sample Scripts

Added new sample scripts to backup My Doc and to initiate Startup Task. Use Startup Task on XP boxes that do not reconnect to the network after a reboot. XP will not connect to the network until an application first needs the network. The agent does not use the network unless a connection exists. The Startup Task script causes the selected PC to use the network one time immediately after startup. This lets the agent connect back to the VSA right away after a reboot. Do not use this script on machines with a dial-up connection to the internet.

App Deploy / Patch Deploy

Modify scripts generated through the wizard for App Deploy and Patch Deploy when the File Share option is selected. Instead of executing from the file share, which may not exist for the Agent when executing as the system, set up the script to do the following:
IF user is logged in
Drive to C:
GetVariable Drive as the Agent's install drive
Shell Cmd to mkdir #Drive#\Temp
Shell Cmd as user to copy "\filesharedir ile" "#Drive#\TempFile&"
ExecuteFile as system "#Drive#\TempFile"
DeleteFile "#Drive#\TempFile"
Reschedule script in 1 hour

Hide VNC Icon

VNC icon can now be hidden if the administrator desires it. Also, if a pre-existing password exists then the VSA will not alter it. This lets you set a password and use VNC directly without the VSA. Note: This release updates VNC to add the hidden icon capability. Old passwords are not saved when updating VNC. You will have to reload any passwords you want to use outside of the VSA.

Set Parameters

Separated out the RAdmin and VNC parameters into their own function, Set Parameters, under the Remote Control Tab. Also, now when you set User Notification to either Notify or Ask User, the admin name making the request is displayed to the user in the dialog box.

Uninstall RC

Uninstall RC function added to the Remote Cntl tab. Use this function to remove either WinVNC or RAdmin from the remote machine. If remote control fails with either of these packages, run Uninstall RC and then try Control Machine again.

Video Streaming

Video Streaming replaces Manual Control and is automated with ActiveX. Users no longer need to download and run the manual control package.

Report Changes

  1. Agent report changed to Machine Summary. With that single report you can now include applications for each machine (installed and hidden). You can also show application changes since the baseline with this report. All applications now splits the applications into two groups: installed and hidden. Install applications are those that show up in Add/Remove programs.
  2. Software report has been completely re-written and is significantly faster. There is also an advance search capability letting you locate software based on a Boolean search. eg. (("* adobe " OR *a*) AND *c*) OR NOT *d* AND < m
  3. Logs report - the event log report now accepts a string of event IDs. Before it accepted either a single ID or all IDs.
  4. The Aggregate Table report contains more items and also supports the advanced search capability.
  5. New Patch Management report supporting the patch management tab.

Agent Status Alert

Added a minutes category for the Agent Status alert Agent has not checked in for. Use minutes to monitor servers you need quick notification for when they go offline.

Scheduled Reports

Added edit icon to Scheduled Reports. Click to edit existing scheduled reports parameters.

HW Audit - Net Protection

Removed Enable HW Audit and Enable Net Protection checkboxes from Agent Tab - Create and Audit Tab - Run Audit. There is now an Enable/Disable button on the Run Audit function to turn on/off the PCI audit driver. Enable Net Protection is now controlled from the Monitor Tab - Network Access function. This lets you easily toggle the state of multiple machines at once instead of having to do each individually.

Audit Schedule

Allow audit to be scheduled to run at a time of day

Protection Functions

File Access and Network Access have been re-written to simplify the user interface. Application Blocker function has been added to prevent selected applications from ever running on a machine.

Administrator Logon Name

Administrators can now change their logon name by selecting the Admin Profile function under the system tab.

Administrator Log Off

Master administrators can now log off any other administrator on the system. See the Enable / Disable function under the System Tab.

System Tab Restructured

System Tab functions have been completely restructured into function groups: Admin Accounts, Admin Groups, Machine Groups, and VSA Server Management.

Configure VSA and Statistics

Server Info has been renamed to Configure VSA. There is also a new function below it named Statistics. All VSA server stats have been moved from the Configure VSA page to the Statistics pages. There are also several more statistical parameters reported such as number of agents currently online (also now reported on the Status Monitor).