# Exporter for Secure File Transfer Protocol (SFTP) server {% hint style="warning" %} This documentation references external sources. Nexthink does not have control over the accuracy of third-party documentation, nor any external updates or changes that might create inconsistencies with the information presented on this page. Please report any errors or inconsistencies to [Nexthink Support](https://support.nexthink.com/). {% endhint %} Data Export allows you to export Nexthink data insights to an SFTP server using comma-separated CSV files and in UTF-8 format. Configure the SFTP server to store data and create a Data Export in the Nexthink web interface to distribute it. ## Prerequisites You must set up an SFTP server to obtain credentials. If you already configured an SFTP server, jump to the [Configuring (SFTP) connector credentials](#exporterforsecurefiletransferprotocol-sftp-server-configuringsftpconnectorcredentialsinnexthinkcrede) section on this page. Follow the steps below to create an SFTP server in Azure, which is only one of multiple providers: * [Step 1 - Create a storage account in the Microsoft Azure portal](#exporterforsecurefiletransferprotocol-sftp-server-creatingastorageaccountinthemicrosoftazureportal-o) * [Step 2 - Create an Azure DL container within a storage account](#exporterforsecurefiletransferprotocol-sftp-server-creatinganeazuredlcontainerwithinastorageaccount-o) * [Step 3 - Obtain SFTP credential](#exporterforsecurefiletransferprotocol-sftp-server-obtainingsftpcredentials-optional-step3) {% hint style="info" %} The SFTP data exporter can be configured to work with any other SFTP server available. {% endhint %} ### Creating a storage account in the Microsoft Azure portal (Optional) Create a file system using the general purpose v2 storage account in the Azure portal (not a data lake storage gen1): 1. In the Azure portal menu, select **All services**. 2. In the list of resources, type *Storage Accounts*. 3. Select **Storage Accounts**. 4. Select **Add** in the Storage Accounts window. 5. Select the subscription for which you want to create the storage account. 6. Select **Create new** under the **Resource group** field. Enter the name of your new resource group. If a resource group already exists, select it from the drop-down list.
Exporterfor(SFTP)server-CreateStorageSFTP.png
7. Enter the name of your storage account. The name must be unique across the Azure portal and between 3 and 24 characters in length. It should include numbers and lowercase letters only. 8. Select a location for your storage account or use the default location. 9. Fill in the information for the rest of the tabs, **Advanced**, **Networking**, **Data Protection**, **Encryption** and **Tags**. 10. Select **Review + Create** to review your storage account settings and create the account. ### Creating an eAzure DL container within a storage account (Optional) 1. Locate your newly created storage account under **Storage accounts**. 2. Select the storage account you want to use. 3. You need to create a new container. 4. Select **Containers**, add a new container and enter a meaningful name for it, for example, openbridge-sftp. 5. Make sure access is set to **Private (no anonymous access)**. 6. Click on **Create**.
ExporterforSFTP-Containers.png
### Obtaining SFTP credentials (Optional) 1. Under **Settings**, select the **SFTP** option in the menu on the left.
SFTP option
2. Add a local user. 3. In the **Username + Authentication** tab, insert the username and select the password authentication method.
Username plus Authentication
4. In the Container permissions tab, select the container defined in [Step 2](#exporterforsecurefiletransferprotocol-sftp-server-creatinganeazuredlcontainerwithinastorageaccount-o), then grant permissions to access the container and insert the root directory. The root directory must exist in advance.
Container permissions
{% hint style="info" %} The **Home (landing) directory** must be a string with the pattern *container\_name/folder*, otherwise the system won’t configure it properly. The system cannot locate the landing directory in the container’s root, only in a folder that exists in the root. {% endhint %} 5. Copy the password that the system has generated once you have created the user. 6. Once you configure the user, save the following values to configure the connector credentials in the Nexthink web interface: * Username * Connection string * SSH password ## Configuring SFTP connector credentials in Nexthink Configure the credentials to access the SFTP server from the Nexthink web interface: 1. Select **Administration** from the main menu. 2. Select **Connector credentials** located under Integrations in the navigation panel.
Accessing connector credentials
1. Click on the **New credential** button located in the top-right corner of the Connector credentials page. 2. Enter a unique **Name**. 3. Select **Secure File Transfer Protocol (SFTP)** as Protocol to reveal additional form elements. 4. **Hostname**: `sftp://:` from [Step 3](#exporterforsecurefiletransferprotocol-sftp-server-obtainingsftpcredentials-optional-step3). 5. **SFTP server fingerprint**: execute the command `ssh-keyscan .blob.core.windows.net` in the command line interface and copy the entire string starting with the most secure supported host key algorithm. * For a list of supported host key algorithms, refer to the *Connector credentials for SFTP* section in the [Connector credentials](https://docs.nexthink.com/platform/configuring_nexthink/bringing-data-into-your-nexthink-instance/integrating-nexthink-with-third-party-tools/outbound-connectors/connector-credentials) documentation.
ExporterforSFTP-FingerprintECDSA.png
6. **Authorization**: BASIC 7. **Username**: `` from [Step 3](#exporterforsecurefiletransferprotocol-sftp-server-obtainingsftpcredentials-optional-step3). 8. **Password**: `` from [Step 3](#exporterforsecurefiletransferprotocol-sftp-server-step3). 9. Click **Save**. Refer to the [Connector credentials](https://docs.nexthink.com/platform/configuring_nexthink/bringing-data-into-your-nexthink-instance/integrating-nexthink-with-third-party-tools/outbound-connectors/connector-credentials) documentation for more information. ## Creating an SFTP data exporter in Nexthink Configure the outbound connector to export data to the SFTP server: 1. Select **Administration** from the main menu. 2. Click on **Outbound connectors** from the Integrations section of the navigation panel. 3. Select **Data Exporter** from the table. 4. Click on the **New exporter** button in the top-right corner of the page. ### General tab
ExporterforSFTP-GeneralTab-2.png
* **Name:** enter a meaningful name for the data exporter. * **Description:** enter a meaningful description of the goal of the data exporter. * **Active:** switch on the toggle to enable the exporter. * **Credentials:** define credentials from the third-party tool that the data exporter sends the data to. Refer to [Connector credentials](https://docs.nexthink.com/platform/configuring_nexthink/bringing-data-into-your-nexthink-instance/integrating-nexthink-with-third-party-tools/outbound-connectors/connector-credentials) for more information. * **Maximum file size:** define the maximum file size generated by Data Export. If the data set from a specific **NQL query** is larger than the specified file size, it splits it into several separate files. ### Data tab
SFTP_data_tab.png
* **Scheduling frequency:** define how often the system executes the NQL query and exports data. The available options are: * **Hourly:** The system triggers the data export data based on the value selected in the drop-down menu. For instance, every 1h, 2h, 3h, 4h, 6h or 12h. * **Daily:** The system triggers the data export every day at 00:00 of the timezone where the Nexthink cloud instance is located. * **Weekly:** The system triggers the data export weekly, on the selected day at 00:00 of the timezone where the Nexthink cloud instance is located. For **Hourly** and **Daily** scheduling frequencies, the system waits 20 minutes to execute the data exporter to allow the previous bucket to close properly for data completeness. {% hint style="info" %} You must select a value for the **Recurrence** option because the system does not generate a default value and does not indicate that the value is missing during the validation process. {% endhint %} * **NQL query**: Enter the NQL query to generate the data you wish to export to the destination. * **Directory (optional):** Define the directory within the container credentials from the third-party tool that the data is exported to. You must have created the directory in the third-party tool beforehand. * **File name:** Enter the filename created in the destination. Underscore is the only special character supported, for example: *CMDB\_importer\_devices*. ### Testing the SFTP data exporter Click the **Tests load up to 20 records** button to validate the connection before saving the configuration. * If the NQL query and the connection are valid, a message appears indicating that the query results has been successfully delivered. * If the NQL query or the connection is invalid, a message appears informing about the error details. {% hint style="info" %} Refer to the [Managing data exporters](https://docs.nexthink.com/platform/configuring_nexthink/bringing-data-into-your-nexthink-instance/integrating-nexthink-with-third-party-tools/outbound-connectors/data-exporters/managing-data-exporters) documentation to learn more about data exporters creation, editing, deleting and disabling. {% endhint %} ## NQL examples for SFTP data exporters List of packages ``` package.packages | list name, publisher , version ``` List users that are not Local ``` users | where name !in ["*Local*"] ``` List of users that have connected to a device ``` session.connects during past 7d | where hardware.type == laptop or hardware.type == desktop | summarize c1 = count() by device.name, user.name, user.ad.full_name | list device.name, user.name, user.ad.full_name ``` List of laptop and desktop workstations ``` devices | where hardware.machine_serial_number != ""  and (hardware.type == laptop or hardware.type == desktop) | include cpus | compute  num_of_cores = number_of_cores.count(),  number_of_cpus = count(),  freq = frequency.sum() | include disks | compute disk_capacity = capacity.sum() | list group_name, last_seen, first_seen, entity,  hardware.manufacturer, hardware.model,  operating_system.architecture, hardware.machine_serial_number,  name, hardware.memory, num_of_cores, number_of_cpus, freq, disk_capacity, operating_system.name, operating_system.build  ``` List of packages installed on a specific device ``` package.installed_packages | summarize  c1=count() by package.name, package.version, device.name | list package.name, package.version, device.name ``` ## Troubleshooting Guide ### Wrong credentials There are many mechanisms to check whether the SFTP credentials are working: * **Windows**: Refer to [Test sftp Connection from Windows and Linux article](https://simplyfies.com/2021/12/13/test-sftp-connection/) (external link). * **Linux**: Execute this command in the terminal `sftp -P 22 @` * **For SFTP clients such as FileZilla or WinSCP**: Configure a new connector with the credentials defined in the documentation and check whether the system can establish a connection. ### Error exporting the data * Check with the [Nexthink support](https://support.nexthink.com/) team. ## FAQ
Can I use the ssh-rsa as an SFTP server fingerprint? Yes, but it depends on the SFTP server configuration. If it has several protocols available, you should choose the most secure one, otherwise, the system may throw errors when connecting.
Can I specify the name of the file to be exported? Yes, the exported content is within a file with the following naming convention: `${file_name}_X_yyyymmdd-hhmmss.csv` where `X` represents the number of the file and `yyyymmdd-hhmmss` the timestamp. When executing **Tests load up to 20 records**, the exported content is within a file with the naming convention: `Test_X_yyyymmdd-hhmmss.csv`
--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.nexthink.com/platform/configuring_nexthink/bringing-data-into-your-nexthink-instance/integrating-nexthink-with-third-party-tools/outbound-connectors/data-exporters/exporter-for-secure-file-transfer-protocol-sftp-server.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.