Components of Collector
Overview
Nexthink Collector comprises a set of services and libraries that gather information about the devices in your corporate network and their activity. Collector sends all the gathered information to a Nexthink instance, where the system processes and stores it. Additional Collector components deal with the features provided by optional Nexthink products. Other components help you with the installation and configuration process.
Find in this document the description of all the different components and the filesystem paths where to find them on the devices after installation. This article details as well the registry keys and the additional files created or modified during installation.
Windows Collector
The Windows version of Collector includes the following set of components:
Windows Collector binaries
For all versions of Windows, the system installs the following components:
Main driver
A kernel mode driver that gathers valuable information from employee devices
Network specific driver
A kernel mode driver that detects network connections
Helper service
A Windows service that complements the main driver by collecting additional information
Printing info library
A dynamic link library that is responsible for detecting printing activity
Automatic updates
A component of Collector that is responsible for downloading new versions and updating the installed components
Coordinator
Coordinator is responsible for establishing and maintaining a network connection with the Nexthink instance. Other components share that connection for the purpose of communication with the instance.
Nexthink Engage
Components for presenting campaign questions and getting answers from employees
Nexthink Act
Components that manage the execution of remote actions
Nexthink Reporter
A troubleshooting tool that creates debug reports for specific support cases
Nexthink Event Log Provider
A component for logging events in the Windows Event Log
Nexthink Application Experience
A component for monitoring business applications
Command line configuration tool (optional)
A tool to configure Collector from the command line
| Component | File | Path |
|---|---|---|
Helper service for automated updates | nxtcssu.exe |
|
Main driver | nxtrdrv.sys |
|
Network specific driver | nxtrdrv5.sys |
|
Helper service | nxtsvc.exe |
|
Printing info helper library | nxtdll.dll |
|
Nexthink Event Log Provider | nxteventprovider.dll |
|
Immersive apps | nxtwrt.dll |
|
Application start time | nxtwpm.dll |
|
Application start time | nxtwpm.dll |
|
Coordinator service | nxtcoordinator.exe |
|
Campaigns coordinator | nxteufb.exe |
|
Remote actions coordinator | nxtcod.exe |
|
Updates coordinator | nxtupdater.exe |
|
OpenSSL |
|
|
Campaigns |
|
|
Remote actions |
|
|
Reporter | nxtreporter.exe |
|
Web application monitoring | nxtbsm.exe |
|
nxthostapp.exe |
| |
Command line configuration tool | nxtcfg.exe |
|
Registry keys
During installation, Collector creates the following keys in the Registry of Windows:
Additional files
Find the Collector log files here:
%windir%\nxtsvc.log%windir%\nxtsvc.1.log%windir%\nxtsvc.2.log%windir%\nxtupdater.log%windir%\nxtupdater.1.log%windir%\nxtupdater.2.log%windir%\nxtcoordinator.log%windir%\nxtcoordinator.1.log%windir%\nxtcoordinator.2.log%windir%\nxteufb.log%windir%\nxteufb.1.log%windir%\nxteufb.2.log%windir%\nxtcod.log%windir%\nxtcod.1.log%windir%\nxtcod.2.log%temp%\nxtray.log%temp%\nxtray.log.<timestamp>
Finally, Windows creates a cached copy of the kernel drivers in two folders whose names start with the name of the drivers (nxtrdrv and nxtrdrv5, respectively) followed by a unique identifier that depends on the version of the driver itself. Find the folders here:
%windir%\System32\DRVSTORE
The Nexthink Reporter tool creates its logs and reports here:
%temp%\nxtreporter[reportID].log%temp%\nxtreport-[hostname]-[reportID].zip
Mac Collector
The macOS version of Collector includes the following set of components:
Files
Main service
A macOS daemon that gathers valuable information from employee devices
Coordination service
A macOS daemon that synchronizes with the appliances to provide services such as automatic updates, employee engagement and execution of remote actions in the near future
Application monitoring
A macOS daemon that is in charge of gathering specific data for business applications
| Component | File | Path |
|---|---|---|
Main service, device level data acquisition | nxtsvc |
|
User level data acquisition | nxtusm |
|
Coordination service | nxtcoordinator |
|
Campaigns | nxteufb nxtray.app |
|
Automatic Updates | nxtupdater |
|
Remote Actions | nxtcod.app nxtraoutput |
|
Web Application monitoring | nxtbsm |
|
Web Application monitoring | nxthostapp |
|
Additional files
| Component | File | Path |
|---|---|---|
Configuration file | config.json |
|
In the config.json file, find the exact version of the installed Collector and the status of the TCP connection.
Find the log files here:
/Library/Logs/nxtsvcgen.log/Library/Logs/nxtsvcgen.log/Library/Logs/nxtcoordinator.log/Library/Logs/nxtbsm.log/Library/Logs/nxtcod.log/Library/Logs/nxtcsi.log/Library/Logs/nxteufb.log/Library/Logs/nxtextension.log/Library/Logs/nxtupdater.log
Also under each user folder:
/Users/{username}/Library/Logs/nxthostapp.{userSID}.log/Users/{username}/Library/Logs/nxtray.{userSID}.log/Users/{username}/Library/Logs/nxtusm.{userSID}.log
Multiple options can be selected.
Last updated