Skip to main content

Nexthink

This Integration is part of the Nexthink Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Nexthink helps IT teams deliver on the promise of the modern digital workplace. Nexthink is the only solution to provide enterprises with a way to visualize, act and engage across the entire IT ecosystem to lower IT cost and improve digital employee experience. This integration was integrated and tested with version 1.0.1 of Nexthink

Configure Nexthink in Cortex#

ParameterDescriptionRequired
Engine Host (e.g. connector.nexthink.com)True
Nexthink Engine Port (e.g. 1671)False
UsernameTrue
PasswordTrue
Trust any certificate (not secure)Trust any certificate (not secure).False
Use system proxy settingsUse system proxy settings.False

Commands#

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

nt-compliance-check#


Verify antivirus/antispyware status.

Base Command#

nt-compliance-check

Input#

Argument NameDescriptionRequired
ipaddressEndpoint IP Address.Optional
hostnameEndpoint Hostname.Optional

Context Output#

PathTypeDescription
Nexthink.Compliance.DeviceNamestringEndpoint device host name.
Nexthink.Compliance.LastLoggedOnUserstringLast logged on user.
Nexthink.Compliance.IPAddressstringEndpoint IP address.
Nexthink.Compliance.MACAddressstringEndpoint MAC address.
Nexthink.Compliance.DeviceAntivirusstringEndpoint antivirus name.
Nexthink.Compliance.DeviceAntivirusRTPstringEndpoint antivirus real time protection status.
Nexthink.Compliance.DeviceAntivirusUpdatedstringEndpoint antivirus update status.
Nexthink.Compliance.DeviceAntispywarestringEndpoint Antispyware name.
Nexthink.Compliance.DeviceAntispywareRTPstringEndpoint Antispyware real time protection status.
Nexthink.Compliance.DeviceAntispywareUpdatedstringEndpoint Antispyware update status.

Command Example#

Human Readable Output#

nt-installed-packages#


Query installed software in endpoint.

Base Command#

nt-installed-packages

Input#

Argument NameDescriptionRequired
hostnameEndpoint Hostname.Required
packageInstalled Software Name. Default is agent.Required

Context Output#

PathTypeDescription
Nexthink.Package.PackageNamestringPackage name.
Nexthink.Package.PackagePublisherstringPackaged publisher.
Nexthink.Package.PackageVersionstringPackage version.
Nexthink.Package.DeviceNamestringEndpoint device host name.
Nexthink.Package.LastLoggedOnUserstringLast logged on user.
Nexthink.Package.IPAddressstringEndpoint IP address.
Nexthink.Package.MACAddressstringEndpoint MAC address.

Command Example#

Human Readable Output#

nt-endpoint-details#


Get endpoint details.

Base Command#

nt-endpoint-details

Input#

Argument NameDescriptionRequired
hostnameEndpoint hostname.Optional
ipaddressEndpoint IP Address.Optional

Context Output#

PathTypeDescription
Nexthink.Endpoint.EndpointNamestringEndpoint device host name.
Nexthink.Endpoint.LastLoggedOnUserstringLast logged on user.
Nexthink.Endpoint.IPAddressstringEndpoint IP address.
Nexthink.Endpoint.MACAddressstringEndpoint MAC address.

Command Example#

Human Readable Output#