# Windows Desktop Monitoring System

A comprehensive solution for monitoring Windows machine reboots and system events with Discord notifications.

## Overview

This system monitors Windows desktop/workstation machines for:
- System startups (normal and unexpected)
- System shutdowns (planned and unplanned) 
- Reboot reasons (Windows Updates, power outages, user-initiated)
- System uptime and boot statistics

## Files

### Core Components

- **`windows-reboot-monitor.ps1`** - Main PowerShell monitoring script
- **`windows-reboot-task-startup.xml`** - Task Scheduler configuration for startup monitoring
- **`windows-reboot-task-shutdown.xml`** - Task Scheduler configuration for shutdown monitoring
- **`windows-setup-instructions.md`** - Complete installation and configuration guide

## Features

### Notification Types

- 🟢 **Normal Startup** - System booted normally after planned shutdown
- 🔴 **Unexpected Restart** - System recovered from power loss, crash, or forced reboot
- 🟡 **Planned Shutdown** - System is shutting down gracefully

### Information Captured

- Computer name and timestamp
- Boot/shutdown reasons (Windows Update, power issues, user actions)
- System uptime duration
- Boot counter for tracking restart frequency
- Event log analysis for root cause determination

### Technical Details

- **PowerShell Script**: Robust error handling and logging
- **Task Scheduler Integration**: Runs automatically on system events
- **Discord Webhooks**: Rich embedded notifications with color coding
- **Event Log Monitoring**: Analyzes Windows System logs for detailed context
- **Configuration Management**: Persistent storage of settings and statistics

## Use Cases

### Primary Scenarios
- **Power Outage Detection** - Immediate alerts when systems restart unexpectedly
- **Windows Update Monitoring** - Track when systems reboot for updates
- **System Health Tracking** - Monitor restart frequency and patterns
- **Remote System Awareness** - Know when remote machines come online/offline

### Advanced Features
- **Reason Classification** - Distinguishes between planned and unplanned reboots
- **Uptime Tracking** - Reports system availability metrics
- **Historical Logging** - Maintains local logs for troubleshooting
- **Configuration Persistence** - Settings survive reboots and updates

## Installation Requirements

### Prerequisites
- Windows 10/11 or Windows Server
- PowerShell 5.1 or later
- Administrator privileges for Task Scheduler setup
- Network connectivity to Discord
- Discord webhook URL

### Dependencies
- Windows Event Log service
- Task Scheduler service
- PowerShell execution policy allowing script execution

## Security Considerations

- Scripts run with SYSTEM privileges for reliable event monitoring
- Webhook URLs stored as environment variables (not in scripts)
- No sensitive system information transmitted in notifications
- Local logging for audit trail
- Execution policy restrictions honored

## Integration Points

### Discord Integration
- Rich embedded messages with color-coded alerts
- Structured data format for easy parsing
- Error handling for network failures
- Retry logic for temporary connectivity issues

### Windows System Integration
- Event Log monitoring (IDs 1074, 6008, boot events)
- Task Scheduler automation
- WMI queries for system information
- Registry access for configuration persistence

## Troubleshooting

Common issues and solutions documented in setup instructions:
- PowerShell execution policy problems
- Network connectivity issues
- Task Scheduler permission errors
- Discord webhook validation failures

## Monitoring Capabilities

### Event Detection
- **Startup Events**: Boot completion, login ready state
- **Shutdown Events**: Planned shutdown initiation
- **Crash Recovery**: Unexpected shutdown detection
- **Update Reboots**: Windows Update initiated restarts

### Data Collection
- **System Metrics**: Uptime, boot time, restart counts
- **Event Correlation**: Links shutdown/startup events
- **Reason Analysis**: Determines root cause of reboots
- **Trend Tracking**: Historical restart patterns

## Deployment Strategy

1. **Single Machine**: Direct installation following setup guide
2. **Multiple Machines**: Script deployment via Group Policy or management tools
3. **Enterprise**: Integration with existing monitoring infrastructure
4. **Home Lab**: Centralized Discord channel for all systems

This monitoring system provides reliable Windows desktop/workstation oversight with minimal resource impact and maximum visibility into system events.