Version 6.30
Learn
Documentation
Support
Community

Nxtcfg - Collector configuration tool

Overview

Nxtcfg is a small console application to read and modify the configuration parameters of the Collector. Ensure that you run Nxtcfg with administrator privileges.

Installation

By default, the Nxtcfg tool is installed along with the Collector when installing the Collector MSI. Once the Collector is installed, the Nxtcfg tool is located under

C:\Windows\System32\nxtcfg.exe.

The Collector MSI version used determines the nxtcfg version installed (Windows 32-bit or 64-bit system).

If not required, add the option CFG_INSTALL=0 to the MSI command line, when installing the Collector.

Options

Configuration parameters

The modification of some of the parameters requires to restart the Collector for the change to take effect. Rebooting the device forcefully restarts all Collector components as well. For each parameter, this is specified by the values in the column Restart required of the parameters table:

  • No: No reboot or component restart required.

  • Yes: Collector restart or device reboot required.

Nxtcfg in Remote Actions

Because the Collector communicates with the Engine when running remote actions, it is not recommended to change some of the configuration parameters of the Collector from a remote action. Thus, refrain from modifying any of the following configuration parameters when running nxtcfg.exe within a remote action:

  • ip

  • tcp_port

  • customer_key

  • root_ca

For the same reason, do not stop or restart the Collector with nxtcfg.exe in a remote action. Directly stopping or restarting the Collector abruptly ends the communication between the Collector and the Engine, resulting in the Collector losing its state in respect of the remote action. Once the Collector is up again, it starts the execution of the remote action from the beginning, potentially creating an infinite loop.

Instead, if you need to modify some Collector settings from a remote action that require a restart, use the following code in the script of the remote action:

  • To stop the Collector:

Stop-Service -Name "Nexthink Service" -Force
Stop-Service -Name "nxtrdrv5" -Force
Stop-Service -Name "nxtrdrv" -Force

  • To start the Collector:

Start-Service -Name "nxtrdrv"
Start-Service -Name "nxtrdrv5"
Start-Service -Name "Nexthink Service"

Setting the Customer Key and Root Certificate

The Collector uses the Customer Key and Root Certificate to validate the identity of the secondary Appliance (Engine) and security communicate with it via TLS. If any of these security parameters change in the Appliance (e.g. moving from pre-production to production environment), you must change the configuration in your Collectors accordingly.

The parameters customer_key and root_ca are special in the sense that they do not admit a direct value as argument, but a path to a text file holding the actual value of the Customer Key or the default Root Certificate, respectively. To download the Customer Key and the default Root Certificate from the primary Appliance, follow the same method described for installing the Collector:

  1. Log in to the Web Console of the primary Appliance as admin.

  2. Select the Appliance tab at the top of the Web Console.

  3. Click Collector management in the left-hand side menu.

  4. Under Collector default certificates at the bottom of the page, click the buttons DOWNLOAD CUSTOMER KEY and DOWNLOAD DEFAULT ROOT CERTIFICATE to download, respectively, the text files holding the Customer Key and the default Root Certificate of the Appliance.

    • Only use the default Root Certificate of the primary Appliance if you did not replace the certificates for the TCP connection of the Collector with the Appliances.

To set the Customer Key and Root Certificate downloaded from the primary Appliance, type in the following (assuming that you placed the downloaded files in the root directory of your C: drive):

nxtcfg.exe /s customer_key="C:\Nexthink-customer-key.txt" root_ca="C:\Nexthink-root-ca.txt"

When listing the customer_key and root_ca parameters with the /l option of Nxtcfg, neither the full Customer Key nor the full Root Certificate are displayed. Instead, only the first few characters of both the configured key and certificate are shown. These characters are usually enough to identify the key or the certificate, while keeping the list of Nxtcfg parameters readable.

The operations described in this article should only be performed by a Nexthink Engineer or a Nexthink Certified Partner.

If you need help or assistance, please contact your Nexthink Certified Partner.

RELATED TASKS

Last updated

© Nexthink

Privacy policyResponsible Disclosure Policy