Event Connector

Contents

Event Connector

Overview

The purpose of the Nexthink Event Connector is to transform Nexthink data into meaningful events to be populated in a third-party application like ServiceNow, Splunk, or Azure Data Lake Storage Gen2.

Event modes

  1. Punctual: this is a one-time event (like for example an Outlook crash).
  2. Listing: this type of event is intended to list any type of object (devices, connections, events…). Its main purpose is reporting/inventory– it is the most common event used in Splunk.
  3. Listing advanced: very similar to the Listing event but intended to list events. Several updates for the given event – More processing is required
  4. Long-lasting (Splunk only): this is a durable event, one that lasts through a given period of time. The connector will report a “start” event and subsequent updates (for example, a situation in which a device is experimenting a high memory consumption). Having multiple updates for a given event may slow down the performance.

Event types

Device Errors

Errors directly impacting device’s hardware or OS that requires quick IT attention Often critical, preventing the user from working properly.

Examples:

  • System Crash (BSOD, Blue Screen of the Death)
  • Hard Reset
  • SMART disk failure
  • Long Log-on times
  • Device Boot

Execution Errors

Application and productivity tools errors that crash or are not responsive. Create significant employee frustrations. Can be critical.

Examples:

  • Freeze applications, like Office 365 not responsive
  • Crashes, like an Outlook crash
  • Long Lasting Executions

Devices Warnings

Warnings about the state of the device and activities that can lead to future issues. Early symptoms of issues that will soon impact employee like:

  • High CPU Usage
  • High Memory usage
  • High IO Usage
  • High number of page faults

Software metering

Real-time monitoring of all (or selected) applications running on the computers

  • Software installation
  • Software uninstallation

Connections monitoring

Real-time monitoring of connections like:

  • Failed Connections like Teams not connecting
  • Established Connections
  • Failed Web Request like Web-browser not loading
  • Established Web Requests
  • Port scan

Installation and configuration

For the installation and configuration of the Nexthink Event Connector refer to this page.