Event Logs

Description

Two dedicated Nexthink Act remote actions let you explore and analyze meaningful events that happened in the past on the devices. This is useful, for example, to speed up troubleshooting of issues.

Platforms

  • Windows only.

License modules

  • Nexthink Act.

Compatibility

  • Nexthink V6.12 and later.

Script Get Event Log

  • Version 1.0.0.0

Script Description

The script retrieves a given number of entries from an event log (max 1 000) and redirects the output to a text file. The file can be directly opened from the Finder by creating and executing a Custom Action. Useful for troubleshooting issues by analyzing events that occurred in the past.

Execution context and suggested scheduling

Run the script manually as local system.

Parameters

ID | Name | Description
1 | LogName | This can be Application, System, or a custom log name.
2 | ProviderName | The Provider Name registered with the event log as the source of entries. Type in "" if you do not wish to filter on the Provider Name.
3 | SeverityLevel | The severity level associated with the entries in the event log. The accepted values are Critical, Error, Warning and Information. When a level is specified, the script returns the events having either that severity level or a higher one. Type in "" if you do not wish to filter on the Severity Level.
4 | EventID | The ID used to define the uniquely identifiable events that a Windows computer can encounter. Type in "" if you do not wish to filter on the Event ID.
5 | OutputDirectory | Location where the output file will be created.
6 | NumberOfEvents | The number of events that the script will return (max 1 000).

Outputs

ID | Label | Type | Description
1 | Output File | String | Complete path of the output file.

Script Get the number of events in the Event Log

  • Version 1.0.0.0

Script Description

The script returns the number of events that occurred in the last n minutes, categorized by severity level (Critical, Error, Warning, and Information). Useful for getting an overview of the meaningful events present in a given timeframe.

Execution context and suggested scheduling

Run the script as local system through manual triggering.

Parameters

ID | Name | Description
1 | LogName | This can be Application, System, or a custom log name.
2 | ProviderName | The Provider Name registered with the event log as source of entries. Type in "" to not filter by Provider name.
3 | EventID | The ID used to define the uniquely identifiable events that a Windows computer can encounter. Type in "" to not filter by Event ID.
4 | DuringLastMinutes | Number of minutes indicating the timeframe under analysis.

Outputs

ID | Label | Type | Description
1 | Number Of Information | UInt32 | Number of events with severity "Information" that occurred in the specified timeframe.
2 | Number Of Warning | UInt32 | Number of events with severity "Warning" that occurred in the specified timeframe.
3 | Number Of Error | UInt32 | Number of events with severity "Error" that occurred in the specified timeframe.
4 | Number Of Critical | UInt32 | Number of events with severity "Critical" that occurred in the specified timeframe.
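
The filtering that both scripts describe can be reproduced with the built-in Get-WinEvent cmdlet, which is handy for checking a result by hand on a device. The following is an added example, not Nexthink's script: the function names New-EventFilter and Get-EventCountBySeverity are hypothetical, and the mapping of severity names to Windows level numbers (with level 0 grouped under Information) is an assumption about how the parameters are interpreted.

```powershell
# Added example, not the Nexthink script. Function names are hypothetical.
# Windows event levels: 1=Critical, 2=Error, 3=Warning, 4=Information.
# Level 0 (LogAlways) is displayed as Information, so it is grouped with it.
$LevelMap = @{ Critical = 1; Error = 2; Warning = 3; Information = 4 }

function New-EventFilter {
    param(
        [Parameter(Mandatory)][string]$LogName,
        [string]$ProviderName = '',
        [string]$SeverityLevel = '',
        [string]$EventID = '',
        [int]$DuringLastMinutes = 0
    )
    $filter = @{ LogName = $LogName }
    if ($ProviderName) { $filter.ProviderName = $ProviderName }
    if ($EventID)      { $filter.Id = [int]$EventID }
    if ($SeverityLevel) {
        if (-not $LevelMap.ContainsKey($SeverityLevel)) { throw "Unknown severity '$SeverityLevel'" }
        # "That level or a higher one": a lower number is more severe.
        $max = $LevelMap[$SeverityLevel]
        $filter.Level = if ($max -eq 4) { 0..4 } else { 1..$max }
    }
    if ($DuringLastMinutes -gt 0) { $filter.StartTime = (Get-Date).AddMinutes(-$DuringLastMinutes) }
    $filter
}

function Get-EventCountBySeverity {
    param([Parameter(Mandatory)][hashtable]$Filter)
    $counts = [ordered]@{ Information = 0; Warning = 0; Error = 0; Critical = 0 }
    try {
        $events = Get-WinEvent -FilterHashtable $Filter -ErrorAction Stop
    } catch {
        # An empty result is reported as an error; anything else (bad log name, access denied) is rethrown.
        if ($_.FullyQualifiedErrorId -notlike 'NoMatchingEventsFound*') { throw }
        $events = @()
    }
    foreach ($e in $events) {
        switch ($e.Level) {
            1 { $counts['Critical']++ }
            2 { $counts['Error']++ }
            3 { $counts['Warning']++ }
            { $_ -in 0, 4 } { $counts['Information']++ }
        }
    }
    [pscustomobject]$counts
}

# Counts for the System log over the last 60 minutes
Get-EventCountBySeverity -Filter (New-EventFilter -LogName System -DuringLastMinutes 60)
```

Passing the same filter to Get-WinEvent with -MaxEvents 1000 and a SeverityLevel set returns the entries themselves, matching the first script's limit.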