uberAgent Explained: Application Inventory
This is the second in a series of articles that highlight and explain specific aspects of uberAgent’s functionality.
uberAgent is a Splunk agent for Windows end-user computing analytics focused on user experience and application performance. It provides deep insights into the user logon process, helps identify bottlenecks caused by slow backend systems and very much more. But how does inventory data fit in?
In order to understand what is happening, you first need to know what you have. Application inventory data provides a solid foundation to base decisions on and helps answer questions like these:
- Which applications do we have?
- How many machines is an application installed on?
- Which versions are installed on which machines?
- Do we have old versions with known security vulnerabilities?
- How is the rollout of that new application progressing?
- Are users installing apps on their own?
What does the application inventory data collected by uberAgent look like? Here is a sample screenshot showing an excerpt from the dashboard Single Machine Inventory:
As you can see, uberAgent collects the following information for each application:
- Application name
- Publisher (vendor) name
- Version number
- Installation date
- Installed language
- Was it installed from an MSI package?
- Per machine or per user installation?
- Install location
A full list of all metrics collected by uberAgent can be found here.
The application inventory functionality does not have to be configured specifically, just install uberAgent and it will immediately start collecting all this great data.
In case you want to modify the default configuration, e.g. in order to change the data collection frequency, take a look at the first article in this series.
uberAgent is an innovative Windows and macOS user experience monitoring (UXM) and endpoint security analytics (ESA) product.
uberAgent UXM highlights include detailed information about boot and logon duration, application unresponsiveness detection, network reliability drill-downs, process startup duration, application usage metering, browser performance, web app metrics, and Citrix insights. All these varied aspects of system performance and reliability are smartly brought together in the Experience Score dashboard.
uberAgent ESA excels with a sophisticated activity monitoring engine, the uAQL query language, detection of risky activity, DNS query monitoring, hash calculation, registry monitoring, and Authenticode signature verification. uberAgent ESA comes with Sysmon and Sigma rule converters, a graphical rule editor, and uses a simple yet powerful query language instead of XML.
About vast limits
vast limits GmbH is the company behind uberAgent, the innovative user experience monitoring and endpoint security analytics product. vast limits’ customer list includes organizations from industries like finance, healthcare, professional services, and education, ranging from medium-sized businesses to global enterprises. vast limits’ network of qualified solution partners ensures best-in-class service and support anywhere in the world.