Skip to main content

Nexthink

This Integration is part of the Nexthink Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Nexthink helps IT teams deliver on the promise of the modern digital workplace. Nexthink is the only solution to provide enterprises with a way to visualize, act and engage across the entire IT ecosystem to lower IT cost and improve digital employee experience. This integration was integrated and tested with version 1.0.1 of Nexthink

Configure Nexthink in Cortex#

ParameterDescriptionRequired
Engine Host (e.g. connector.nexthink.com)True
Nexthink Engine Port (e.g. 1671)False
UsernameTrue
PasswordTrue
Trust any certificate (not secure)Trust any certificate (not secure).False
Use system proxy settingsUse system proxy settings.False

Commands#

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

nt-compliance-check#

Verify antivirus/antispyware status.

Base Command#

nt-compliance-check

Input#

Argument NameDescriptionRequired
ipaddressEndpoint IP Address.Optional
hostnameEndpoint Hostname.Optional

Context Output#

PathTypeDescription
Nexthink.Compliance.DeviceNamestringEndpoint device host name.
Nexthink.Compliance.LastLoggedOnUserstringLast logged on user.
Nexthink.Compliance.IPAddressstringEndpoint IP address.
Nexthink.Compliance.MACAddressstringEndpoint MAC address.
Nexthink.Compliance.DeviceAntivirusstringEndpoint antivirus name.
Nexthink.Compliance.DeviceAntivirusRTPstringEndpoint antivirus real time protection status.
Nexthink.Compliance.DeviceAntivirusUpdatedstringEndpoint antivirus update status.
Nexthink.Compliance.DeviceAntispywarestringEndpoint Antispyware name.
Nexthink.Compliance.DeviceAntispywareRTPstringEndpoint Antispyware real time protection status.
Nexthink.Compliance.DeviceAntispywareUpdatedstringEndpoint Antispyware update status.

Command Example#

#### Human Readable Output
### nt-installed-packages
***
Query installed software in endpoint.
#### Base Command
`nt-installed-packages`
#### Input
| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
| hostname | Endpoint Hostname. | Required |
| package | Installed Software Name. Default is agent. | Required |
#### Context Output
| **Path** | **Type** | **Description** |
| --- | --- | --- |
| Nexthink.Package.PackageName | string | Package name. |
| Nexthink.Package.PackagePublisher | string | Packaged publisher. |
| Nexthink.Package.PackageVersion | string | Package version. |
| Nexthink.Package.DeviceName | string | Endpoint device host name. |
| Nexthink.Package.LastLoggedOnUser | string | Last logged on user. |
| Nexthink.Package.IPAddress | string | Endpoint IP address. |
| Nexthink.Package.MACAddress | string | Endpoint MAC address. |
#### Command Example

Human Readable Output#

nt-endpoint-details#

Get endpoint details.

Base Command#

nt-endpoint-details

Input#

Argument NameDescriptionRequired
hostnameEndpoint hostname.Optional
ipaddressEndpoint IP Address.Optional

Context Output#

PathTypeDescription
Nexthink.Endpoint.EndpointNamestringEndpoint device host name.
Nexthink.Endpoint.LastLoggedOnUserstringLast logged on user.
Nexthink.Endpoint.IPAddressstringEndpoint IP address.
Nexthink.Endpoint.MACAddressstringEndpoint MAC address.

Command Example#

#### Human Readable Output
Edit this page
Report an Issue