The Trigger-it Agent gathers a variety of logs and events from the system to provide a comprehensive overview of the system’s digital footprint. This is accomplished by executing an event collection process that gathers Windows logs and reliability logs.
Currently, the following events and categories are collected from the system:
| Event Logs | Categories | Collection Type |
| --- | --- | --- |
| Applications | Warning, Critical | Upon Startup Then Realtime |
| System | Warning, Critical | Upon Startup Then Realtime |
| Security | Failed Audit Events | Upon Startup Then Realtime |
| Reliability | Informational, Warning, Critical | Upon Startup Then 5 minutes |
Upon system startup, the system will check for the presence of registry keys in the following path: HKEY_LOCAL_MACHINE\SOFTWARE\SXEP\TriggerIt. There should be two keys:
- ReliabilityLastDate
- LastTimeEventUploaded
Each key records the latest time events were checked and uploaded to the backend. If neither exists, the system will collect all events from the 60 days before the current date and send them to the backend server, updating these registry keys accordingly.
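To check the checkpoint state on an endpoint and preview how many events fall inside the resulting collection window, the following PowerShell can be run from an elevated prompt. It is an added example, not Trigger-it code. It assumes the two names are registry values holding a parseable date string, and that LastTimeEventUploaded is the checkpoint for the three Windows event logs.

```powershell
# Added example, not part of the Trigger-it Agent.
# Assumptions: both names are registry values under the key below, each stored
# as a date string that [datetime]::TryParse accepts.
$keyPath  = 'HKLM:\SOFTWARE\SXEP\TriggerIt'
$fallback = (Get-Date).AddDays(-60)   # 60-day backfill window from the page

function Get-Checkpoint {
    param([string]$Name)
    $item = Get-ItemProperty -Path $keyPath -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }          # key or value is absent
    $parsed = [datetime]::MinValue
    if ([datetime]::TryParse([string]$item.$Name, [ref]$parsed)) { return $parsed }
    return $null                                   # present, but not in the assumed format
}

# Report both checkpoints so a missing or unreadable one is visible.
$checkpoints = @{}
foreach ($name in 'ReliabilityLastDate', 'LastTimeEventUploaded') {
    $checkpoints[$name] = Get-Checkpoint -Name $name
    $state = if ($checkpoints[$name]) { $checkpoints[$name].ToString('s') } else { 'missing or unreadable' }
    '{0,-24} {1}' -f $name, $state
}

# Assumption: LastTimeEventUploaded governs the Windows event logs.
$start = if ($checkpoints['LastTimeEventUploaded']) {
    $checkpoints['LastTimeEventUploaded']
} else {
    $fallback
}

# Filters mirror the table: Critical (1) and Warning (3) for Application and
# System, and the Audit Failure keyword for Security.
$filters = @(
    @{ LogName = 'Application'; Level = 1, 3 },
    @{ LogName = 'System';      Level = 1, 3 },
    @{ LogName = 'Security';    Keywords = 4503599627370496 }   # 0x10000000000000
)

foreach ($f in $filters) {
    $f.StartTime = $start
    # Get-WinEvent raises an error when nothing matches; treat that as zero.
    $events = @(Get-WinEvent -FilterHashtable $f -ErrorAction SilentlyContinue)
    '{0,-12} {1} matching events since {2:s}' -f $f.LogName, $events.Count, $start
}
```

A large count against the 60-day fallback on a host that has been running the agent for some time suggests the checkpoints were deleted or never written.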