Blue Screen Errors

This article covers how to use Edge DX to monitor blue screen (BSOD) errors in your environment.

See all blue screen events

To see all blue screen events, go to the Power and Session Events report and filter by Event Type = BSOD.

Click on the bugcheck code to read the relavant Microsoft documentation about the error that caused the blue screen event.

How Edge DX detects blue screens

When the Agent starts on a device after a reboot, it looks back in the Windows event log for blue screen errors. You can view the raw data collected by the Agent by going to Configuration > Data and selecting the power_events data index.

All events with local_event_id 41 and bugcheck_code >=1 are classified as a BSOD event_type. Each BSOD also contains bugcheck parameters. Refer to the Microsoft bug check code reference for how to interpret this data.

See devices with the most blue screens

Use the Top Devices with Blue Screen Events report to see the devices that have the most blue screen errors. Hover over a device in the chart to see which bug check codes caused the blue screen errors on that device.

See the most common causes of blue screens

Use the Top Blue Screen Events by Cause report to see the most common bug check codes causing blue screen errors. Hover over a bug check code in the chart to see which devices had a blue screen error with that code.

Click on a bug check code in the chart to read the Microsoft documentation for the error.

Receive an alert when a device displays a blue screen error

You can set up an Edge DX alert to trigger when a device has a blue screen error. You can configure the alert to send a notification or run a script (for example, to get a log file and upload it to a file server) when the alert triggers.

To set up an alert for blue screen errors, go to Configuration > Alerts and use the following alert conditions:

For more details on how to set up alerts, see Create Alerts.

Analyze BSOD minidumps for more information

Import the Analyze BSOD minidumps script from our Script Library to get enhanced visibility into blue screen errors. When an Edge DX Agent starts, the script checks for recent minidump files from blue screen errors. Learn how to import scripts from the Script Library.

If a minidump file is detected, the script creates an event in the System Event logs (located in Configuration > System Events) with the title "Analyze BSOD minidumps". Hover over the event description to see the content of the minidump. The minidump includes the details of the driver that might have caused the blue screen error.