Workflow Actions
Important Information The full list of Actions becomes available after enabling the 'Show Advanced Actions' option. To enable it click on Settings gear on the upper right corner and select the corresponding checkbox. |
Actions - are bricks from which you build your complex automated workflows. Add a task action to an Automated Workflow to perform simple or highly complex functions, and run another task action on the behavior of the previous actions. Multiple outcomes can be configured from a single workflow step, as well as multiple actions lined to a single next step.
Discovery: Actions for WindowsDiscovery: Actions for Windows
Software Management | Auto Remove Software (MSI Only) |
This action automatically removes MSI-based software from a device using the iSoftwareQuery interface. The software to be removed can be specified using the following properties:
OutputResult:
|
|
Can Auto Remove Software | Check if particular software can be automatically removed from a device. | ||
Find Software |
This step is used to find software on a device. It queries the installed software and checks if the specified software is found or not. Useful if you need to uninstall software only where it exists. |
||
Antivirus | Antivirus Disabled | Check the status of the antivirus software on a device and indicate if it is currently disabled, providing insights into potential security vulnerabilities or user interventions. | |
Syxsense | Clear File Index Database | Reset the file index database. This can improve the accuracy and efficiency of file-related searches and operations within the environment. | |
OS | CPU Usage |
Monitors the CPU usage of a device over a specified sample and evaluation period. CPU usage is categorized as: Critical, High, Medium, Low, or Idle based on the measured values. |
|
Disable Firewall | Disable the Windows Firewall. | ||
Disable Startup Software | Disable software launched on device startup. | ||
Disk Cleanup | Initiates the built-in Windows Disk Cleanup utility to free up disk space by removing unnecessary files. | ||
Enable BitLocker | Enable BitLocker device encryption. | ||
Enable Firewall | Enable the Windows Firewall. | ||
Firewall Rules | Manage and configure specific rules within the Windows Firewall, allowing or blocking traffic based on criteria such as port numbers, IP addresses, or application names. | ||
Firewall Status |
Detect the status of the Windows Firewall (enabled or disabled). |
||
Log user out |
This step is used to log the user out of the current session on the device. It uses the Windows Terminal Services API to open the server, get the active console session ID, and log off the session. If the log off is successful, the output result is set to 'success', otherwise it is set to 'failed'. |
||
Mount ISO |
This includes both mounting and unmounting actions. Mount an ISO image to make its contents accessible as if they were part of the local file system. This allows browsing, reading, and modifying the files within the ISO image just like any other directory on your system. Unmounting is the process of disconnecting a mounted file system from its mount point. When you're done working with an ISO image, unmounting it ensures that the file system is safely detached from the mount point. This action frees up system resources and prevents data corruption. ISO files are normally used to back up optical disks or data in a more functional way. |
||
OS Platform |
Detect the type of operating system. This is useful if you have different actions based on Windows, Mac OS or Linux operating systems. |
||
Performance Counter | This step is used to monitor the performance of the operating system by using performance counters. Monitor and capture specific performance metrics from the device, such as CPU usage, memory utilization, or disk activity, for analysis and optimization purposes. | ||
Process CPU Usage | This action monitors the CPU usage of a specific process. It retrieves the CPU usage as a percentage and categorizes it as low, medium, high, or critical based on specified thresholds. | ||
Process Memory Usage | This step monitors the memory usage of a specific process by retrieving its consumption in megabytes. Based on predefined thresholds, the usage is categorized as low, medium, high, or critical. | ||
RAM % Usage | Monitor and evaluate the percentage of RAM usage on a device over a specified time period, helping to identify memory-related performance issues. | ||
RAM Free | This step is used to monitor the RAM usage of a device. It retrieves the available memory in MB and categorizes it as low, medium, high, or critical based on the specific thresholds. | ||
Registry Search | This tab allows you to search for specific keys or values within the Windows Registry. Useful for identifying configuration entries or verifying the existence of registry settings on a device. | ||
Registry Set Value | Create a specific entry in the Windows Registry, allowing for advanced configuration and customization of system settings. | ||
Service Control | Manage and control system services (start, stop, pause, resume, or change startup type for a specific services on the device). | ||
Set Policy Setting | Set a policy setting. | ||
Start Services | This step is used to start services on a device. It iterates through a list of services, of names, and starts each service if it is not already running. It returns a success result if any service is started, a failed result if there is an exception while starting a service, and a non-result if no services are started. | ||
Stop Services | This is used to stop a specific service on a device. | ||
Windows Feature | Enable or Disable Windows Features. This is useful in optimizing the system resources and ensuring that only necessary features are active based on organizational requirements. It uses the DismApi to perform the necessary operations. The specific feature to enable or disable is specified in the FeatureName property of the WindowsFeatureStepSettings class. The Action property determines whether to enable or disable the feature. If the operation is successful, the OutputResult property is set to JobResult.SuccessResult. If an exception occurs during the operation, the OutputResult property is set to JobResult.FailedResult. If a reboot is required after the operation, the RebootNeeded property is set to true. | ||
Windows Versions | Verify the current version of the Windows operating system on a device. Outputs the version of the Windows operating system on a given device. This identification includes checking if the OS is a server or client version, distinguishing between 32-bit and 64- bit versions, and translating the OS version number into a recognizable format. | ||
WMI Query | Query the WMI repository. By executing WMI queries, administrators can retrieve detailed data about system resources, hardware components, software configurations, and more. This information is valuable for monitoring device health, diagnosing issues, and managing devices effectively within a networked environment. | ||
Write to EventLog |
This step writes an entry to the Windows Event Log. Required/Optional Settings:
OutputResult:
|
||
Admin | DateTime Approval | Require administrative approval based on a specified date and time before proceeding with the next step in the workflow. It ensures that critical tasks are only executed after receiving explicit authorization, which can be scheduled in advance. | |
E-mail Approval |
Sends email for approval before processing the next step in the task. Example: Confirm approval before deployment of patches. If emailing to multiple email addresses, set the "number of approvers" appropriately. If you need all users to approve, the number must match the number of emails addresses. |
||
End User Desktop Approval |
Requires end-user approval before processing the next step in the task. Snooze and cancellation options can be used if required. Example: The end-user is asked to close all Outlook applications before application upgrade. |
||
End User Notification |
This action allows to create informative message which be displayed to users on the notification dialog. Notification can be customized with the company logo. Maximum text size is 200 symbols. Notification timers allow to specify time during which the popup message will be displayed on a device. After this time the message disappears automatically if not skipped by the user. |
||
Send Email | Trigger the sending of an email to specified recipients. It can be used for notifications, alerts, or other communication needs within the workflow. | ||
Set Result | Set the outcome or result of a task, allowing for the tracking and logging of task executions and statuses. | ||
Wait |
Wait for a defined period of time before processing the next task. It's useful for ensuring that preceding tasks have completed or for synchronizing with external events. Example: Wait 15 minutes for services to come online. |
||
Action | Device Health Query | Query the device's health status, gathering information related to its operational condition and performance metrics. | |
Download File | Facilitate the downloading of specified files onto the device, ensuring necessary resources are available for subsequent tasks. | ||
Execute Batch Script |
This class is used to execute a batch script. It creates a temporary batch file, writes a script content to the file, and executes it. The class also allows specifying arguments, success return codes, and a timeout for execution. After execution, the class sets the result based on the exit code of the batch script. You can copy and paste a pre-existing script |
||
Execute C# Script | Execute C# a scripts as a workflow step. It compiles the script, executes it, and returns the result. | ||
Execute file | This class is used to execute a file on a device. It takes a file path, arguments, success, return, codes, timeout, and locked output settings, replaces variables in the file path and arguments before executing the file. If the file execution is successful and the exit code matches one of the success return codes, it sets the result as success. If the exit code indicates a reboot is required, it sets the reboot needed property to true. If the file execution fails or the exit code does not match any of the success return codes, it sets the result as a command result with the exit code. It also sets the task result and stores the exit code in the variable storage. | ||
Execute Powershell Script |
Execute a Windows Powershell script. Example: Shut down the virtual machine to patch the host. |
||
Execute Python | This step is used to execute Python script. | ||
Execute VB Script |
This class is used to execute VB scripts as a part of a workflow step. It allows you to specify the script to be executed, the success return code, and the timeout period. The script can be entered using the file browser and the success return codes determine whether the execution was successful or not. The timeout period specifies how long the script can run before it is considered to have timeout. VB is extremely useful for multiple-step actions. |
||
Extract file | Unpack or extract specified file from a zip archive, ensuring that required resources are made available for subsequent tasks. | ||
Kill Process by Hash |
Process (hash) is stopped if running. Hash is either MD5 or Sha1. |
||
Kill Processes | A list of processes (names) are stopped if running. | ||
Kill Process | Process (name) is stopped if running. | ||
Set variable value (Beta) |
Create and set global variables. Global variables store script output results for every device. Global variables are useful when you need to reference a variable from outside the current workflow, making them particularly handy for workflows sequences. These variables allow for consistent referencing of workflows across devices' lifecycles. |
||
SIEM Query | Query the Security Information and Event Management (SIEM) database for syslog entries. This action interacts with SIEM systems to retrieve security-related information, logs, or events, aiding in monitoring and managing security postures and incidents. This step is used to query the SIEM database for syslog entries. | ||
Account management | Disable User Account |
Disable a specified account if it exists. Example: If you have a user account that you want to make unavailable without deleting it. |
|
Enable User Account |
This step is used to enable a user account on a device. It calls the UserAccountManager.EnableAccount method to enable the account. The username is retrieved from the SpecificSettings. UserName property. If the account is successfully enabled, the output result is set to JobResult.SuccessResult. If an exception occurs or the account cannot be enabled, the output result is set to JobResult.FailedResult. Example: Enable a local account that is only used for local device backups. |
||
Find User Account |
Search for a local account. Example: Search for 'Administrator' user accounts as these breach a security policy. |
||
Group Membership Change | Modify the group memberships of a user account on a local group, adding or removing the account from specified groups. | ||
Reset User Password | This class is used to reset the password for a user account on a device. It takes the username and password as input and uses the UserAccountManager class to reset the password. It also has an option to enable the account if it is disabled. The possible results for this class are SuccessResult and FailedResult. | ||
Health | Disk Space Health |
This step is used to check the health of disk space on a device. It calculates the total free space on a specific device drive and compares it to predefined thresholds to determine the health status. The possible results of this step include healthy, medium, warning, low, critical, and no disk. Example: Check disk space prior to deployment of software or patches. |
|
EventLog Entry | Check for specific event log entries on a device. It retrieves event logs based on the specified criteria such as log name, entry type, time range, user name, i source, message content, category, instance ID, and minimum number of events. It returns 'Found' if the specified number of events matching the criteria are found, otherwise it returns 'NotFound'. | ||
Registry Settings | Check if you are able to find a registry key with a particular value. | ||
Smart Drive | This step is used to check health of the smart drive on a device. It analyzes the smart attributes of the device and determines if it is healthy or unhealthy. If the device is unhealthy, it provides detailed information about the attributes that are causing the issue. | ||
Logic | Event Viewer | This step is used to check the event viewer logs on a device. It allows you to filter the logs based on various criteria, such as event IDs, levels, sources, users, task categories, and messages. | |
Has X or more files in a folder | Check if a selected folder contains a specified number of files, determining if the condition is met for executing subsequent tasks or actions based on the file count within the directory. | ||
Find File |
Search a specified drive for a specific file (file name). Example: Search the drive for a Tor browser or BitTorrent binary. |
||
Free Disk Space | Check the free disk space for a specific drive. | ||
File datetime Check | Check the date and time stamp of a file in a specified path. | ||
Does File Exist | Check if a file exists in a specified path. | ||
File Version Check | Check the version of a file in a specified path. | ||
Is Low Disk Space | Check the free disk space for a specific drive is less than the specified percentage. | ||
If time of the day |
Action which checks if the time is good for the workflow chain to continue. The time is taken according to device(s) time zone for which workflow action is being executed. |
||
If Variable Inventory | Action allows to read the Output value of a variable, which may include endpoint configurations, statuses, or other relevant attributes, to determine the subsequent course of action within the workflow. | ||
If variable (Beta) |
Action designed to check incoming variable value from another action. And depending on received value 'If variable' decides which way the workflow will go further. It allows to read any of the 3 values of a variable: Output, ErrorCode or ReturnCode. |
||
Is Bitlocker Enabled | Check if BitLocker is enabled. | ||
Is device clock correct |
Checks if the time on the device is synchronized with a particular server. The admissible time difference can be specified in minutes. |
||
Is Firewall Disabled | Check if Firewall is disabled. | ||
Is BitLocker Enabled | Check if BitLocker encryption is enabled. | ||
Find Process by Hash |
Detect if Process (hash) is running. Hash is either MD5 or Sha1. |
||
Is Process Running | Detect if Process (full process name including path) is running. | ||
Is Reboot Needed |
Check if the reboot is needed. This is really useful if you are performing a complex software upgrade that requires a device to be in a non-reboot state. |
||
Is Windows Server | Check if the device is a server. | ||
Is User Logged In |
Shows if there is a logged in user on a device. This action is applicable only for Windows devices. |
||
SQL Server Status | Check if a particular SQL Server is enabled or disabled. | ||
Is on Network |
Ping an IP Address or URL to detect on which network the device is connected. Example: Ping a local server to make sure the device is inside the company network. |
||
Does Registry key exists | Verify the existence of a particular registry key within the Windows Registry, allowing administrators to confirm the presence or absence of specific configurations or settings. | ||
Has Registry Value | Check a registry value in a specific key. | ||
Service Status | This step is used to check the service status on a device. | ||
Uptime |
Check if a device has been up and running for a specified time period. Example: Has the server been running for 10 minutes since being rebooted. |
||
Web Monitor | This class is used to monitor a web page or API endpoint by sending HTTP requests and checking the response status code. | ||
Inventory | Inventory Scan |
Perform an inventory scan on the device. Example: Perform an inventory scan to ensure it is up to date before trying to install the software. |
|
Update Inventory Custom Field |
This step is used to update the value of a custom inventory field for a device. This is useful for: tagging devices with environment labels (e.g., "Production", "QA"); recording deployment status, asset ownership, or location metadata; supporting dynamic reporting and filtering in inventory views.
|
||
Patching |
Patch Scan and Deploy | This is used to deploy patches on the device. It performs a patch scan and then deploys the patches. | |
Patch Remove | Select which patches to uninstall from single, multiple, groups or queries of patches. | ||
Patch Scan |
This class is used to perform a patch scan on a device. It scans for patches and detects if any patches are found or not. |
||
Patch Stage |
This step is used to stage patches on a device so that when a patch deploy happens at a later time it can use that local cache. |
||
Security Resolve |
Action made to apply/run the remediation workflows which were previously accepted/saved by the customer before using Security Resolve action. This action allow to select the approved remediations by:
|
||
Security Scan | This step is used to perform a security scan on a device. It is a subclass of a PatchScanStep class and implements the IPatching step interface it is responsible for initiating the security scan task and returning the result of the scan. The SecurityScanStep class is decorated with the DisplayName attribute set to security scan and the category attribute set to patching. It also has a JobStep attribute with the image key property set to security scan task and the LongRunning property set to true. | ||
Patch Security Single Definition | This class represents a step for performing a single patch/security scan. | ||
Queries | Select the the pre-existing custom query of security scripts to fix system misconfigurations and vulnerabilities. | ||
System Rules | Select a set of pre-configured rules used to evaluate and enforce system configuration standards. | ||
Reboot | Reboot Now |
his class is used to perform a reboot on a device. It is a subclass of the RebootStepBase class and inherits its functionality. The RebootStep class is specifically designed to perform a reboot immediately without any delay or user interaction. It is categorized under 'Reboot' category and has associated image key of Reboot. The class has the ability to ignore detection, meaning that it will not be detected or executed by the detection engine. The class is marked as a long-running job step, indicating that it may take a significant amount of time to complete. The PossibleResult attribute specifies that the class can return either a success or cancelled result. The GetUIOptions object that configures the user interface options for the RebootStep, including initiating the reboot immediately and enabling the workflow. |
|
Reboot with Custom UI Prompt |
This class is used to perform a reboot with a custom UI prompt. It is a subclass of the RebootStepBase class and uses the RebootSettings custom class for specific settings. It overrides the GetUIOptions method to customize the UI options for the reboot. This will reboot immediately if there are users not logged on. |
||
Quick Reboot UI |
Base class for reboot step in a workflow. | ||
View | Show Software | Displays a list of all software currently installed on the device. | |
Show Startup Software | Displays a list of programs configured to run automatically at system startup. | ||
Software | Software Store is a selection of 3rd-party content which can be deployed. Choose from our extensive centralized software library of thousands of applications to easily provision devices. Applications are deployed via the workflow action. It efficiently pushes the application without needing it to upload to your cloud repository in Media Manager. | ||
Install | Launches the installation process for the selected software. | ||
Remove |
Uninstall the software. |
||
Stage |
This action is used for software deployment without launching install command. The file is loaded to DownloadFolder and DownloadCacheFolder, but not executed. Checking the 'Using Peer File' checkbox in Properties allows implementing of a peer-to-peer technology which is useful for traffic reduction. |
||
Network | Wi-Fi Profile Management |
Creates or updates Wi-Fi network profiles on the target device. |
|
Feature Updates |
Installs a specified version of a Windows Feature Update on the target device. |
||
Workflows | A curated database of pre-configured workflow templates, designed to address various operational and management scenarios. |
Discovery: Actions for LinuxDiscovery: Actions for Linux
Syxsense | Clear File Index Database | Reset the file index database. This can improve the accuracy and efficiency of file-related searches and operations within the environment. | |
OS | CPU Usage |
Monitors the CPU usage of a device over a specified sample and evaluation period. CPU usage is categorized as: Critical, High, Medium, Low, or Idle based on the measured values. |
|
OS Platform |
Detect the type of operating system. This is useful if you have different actions based on Windows, Mac OS or Linux operating systems. |
||
Process CPU Usage | This action monitors the CPU usage of a specific process. It retrieves the CPU usage as a percentage and categorizes it as low, medium, high, or critical based on specified thresholds. | ||
Process Memory Usage | This step monitors the memory usage of a specific process by retrieving its consumption in megabytes. Based on predefined thresholds, the usage is categorized as low, medium, high, or critical. | ||
RAM % Usage | Monitor and evaluate the percentage of RAM usage on a device over a specified time period, helping to identify memory-related performance issues. | ||
RAM Free | This step is used to monitor the RAM usage of a device. It retrieves the available memory in MB and categorizes it as low, medium, high, or critical based on the specific thresholds. | ||
Registry Search | This tab allows you to search for specific keys or values within the Windows Registry. Useful for identifying configuration entries or verifying the existence of registry settings on a device. | ||
Admin | DateTime Approval | Require administrative approval based on a specified date and time before proceeding with the next step in the workflow. It ensures that critical tasks are only executed after receiving explicit authorization, which can be scheduled in advance. | |
E-mail Approval |
Sends email for approval before processing the next step in the task. Example: Confirm approval before deployment of patches. If emailing to multiple email addresses, set the "number of approvers" appropriately. If you need all users to approve, the number must match the number of emails addresses. |
||
Send Email | Trigger the sending of an email to specified recipients. It can be used for notifications, alerts, or other communication needs within the workflow. | ||
Set Result | Set the outcome or result of a task, allowing for the tracking and logging of task executions and statuses. | ||
Wait |
Wait for a defined period of time before processing the next task. It's useful for ensuring that preceding tasks have completed or for synchronizing with external events. Example: Wait 15 minutes for services to come online. |
||
Action | Device Health Query | Query the device's health status, gathering information related to its operational condition and performance metrics. | |
Download File | Facilitate the downloading of specified files onto the device, ensuring necessary resources are available for subsequent tasks. | ||
Execute C# Script | Execute C# a scripts as a workflow step. It compiles the script, executes it, and returns the result. | ||
Execute file | This class is used to execute a file on a device. It takes a file path, arguments, success, return, codes, timeout, and locked output settings, replaces variables in the file path and arguments before executing the file. If the file execution is successful and the exit code matches one of the success return codes, it sets the result as success. If the exit code indicates a reboot is required, it sets the reboot needed property to true. If the file execution fails or the exit code does not match any of the success return codes, it sets the result as a command result with the exit code. It also sets the task result and stores the exit code in the variable storage. | ||
Execute Powershell Script |
Execute a Windows Powershell script. Example: Shut down the virtual machine to patch the host. |
||
Execute Python | This step is used to execute Python script. | ||
Execute sh script | Execute custom shell scripts, primarily used in Unix-based systems for task automation. It creates a temporary shell file, sets the necessary permissions, and executes the file using the /bin/bash command. The script to be executed is provided in the ScriptContainer property of the ExecuteShellScriptSettings class. The success return codes are specified in the SuccessReturnCodes property, and the timeout for the script execution is set in the Timeout property. The Arguments property can be used to pass additional arguments to the shell script. After execution, the class sets the result of the script execution and handles any exceptions that may occur. | ||
Extract file | Unpack or extract specified file from a zip archive, ensuring that required resources are made available for subsequent tasks. | ||
Kill Process by Hash |
Process (hash) is stopped if running. Hash is either MD5 or Sha1. |
||
Kill Processes | A list of processes (names) are stopped if running. | ||
Kill Process | Process (name) is stopped if running. | ||
Set variable value (Beta) |
Create and set global variables. Global variables store script output results for every device. Global variables are useful when you need to reference a variable from outside the current workflow, making them particularly handy for workflow sequences. These variables allow for consistent referencing of workflows across devices' lifecycles. |
||
SIEM Query | Query the Security Information and Event Management (SIEM) database for syslog entries. This action interacts with SIEM systems to retrieve security-related information, logs, or events, aiding in monitoring and managing security postures and incidents. This step is used to query the SIEM database for syslog entries. | ||
Health | Disk Space Health |
This step is used to check the health of disk space on a device. It calculates the total free space on a specific device drive and compares it to predefined thresholds to determine the health status. The possible results of this step include healthy, medium, warning, low, critical, and no disk. Example: Check disk space prior to deployment of software or patches |
|
Logic | Has X or more files in a folder | Check if a selected folder contains a specified number of files, determining if the condition is met for executing subsequent tasks or actions based on the file count within the directory. | |
Find file | Search a specified drive for a specific file (file name). | ||
Find datetime check | Check the date and time stamp of a file in a specified path. | ||
Does File Exist | Check if a file exists in a specified path. | ||
File Version Check | Check the version of a file in a specified path. | ||
If time of the day | Action which checks if the time is good for the workflow chain to continue. The time is taken according to device(s) time zone for which workflow action is being executed. | ||
If Variable Inventory | Action allows to read the Output value of a variable, which may include endpoint configurations, statuses, or other relevant attributes, to determine the subsequent course of action within the workflow. | ||
If variable (Beta) |
Action designed to check incoming variable value from another action. And depending on received value 'If variable' decides which way the workflow will go further. It allows to read any of the 3 values of a variable: Output, ErrorCode or ReturnCode. |
||
Is device clock correct | Checks if the time on the device is synchronized with a particular server. The admissible time difference can be specified in minutes. | ||
Find Process by Hash |
Detect if Process (hash) is running. Hash is either MD5 or Sha1. |
||
Is Process Running | Detect if Process (full process name including path) is running. | ||
Is Reboot Needed |
Check if the reboot is needed. This is really useful if you are performing a complex software upgrade that requires a device to be in a non-reboot state. |
||
SQL Server Status | Check if a particular SQL Server is enabled or disabled. | ||
Is on Network |
Ping an IP Address or URL to detect on which network the device is connected. Example: Ping a local server to make sure the device is inside the company network. |
||
Uptime |
Check if a device has been up and running for a specified time period. Example: Has the server been running for 10 minutes since being rebooted. |
||
Web Monitor | This class is used to monitor a web page or API endpoint by sending HTTP requests and checking the response status code. | ||
Inventory | Inventory Scan |
Perform an inventory scan on the device. Example: Perform an inventory scan to ensure it is up to date before trying to install the software. |
|
Update Inventory Custom Field |
This step is used to update the value of a custom inventory field for a device. This is useful for: tagging devices with environment labels (e.g., "Production", "QA"); recording deployment status, asset ownership, or location metadata; supporting dynamic reporting and filtering in inventory views.
|
||
Patching | Patch Scan and Deploy | This is used to deploy patches on the device. It performs a patch scan and then deploys the patches. | |
Patch Remove | Select which patches to uninstall from single, multiple, groups or queries of patches. | ||
Patch Scan |
This class is used to perform a patch scan on a device. It scans for patches and detects if any patches are found or not. |
||
Patch Security Single Definition | This class represents a step for performing a single patch/security scan. | ||
Queries | Select the the pre-existing custom query of security scripts to fix system misconfigurations and vulnerabilities. | ||
System Rules | Select a set of pre-configured rules used to evaluate and enforce system configuration standards. | ||
Reboot | Reboot Now |
his class is used to perform a reboot on a device. It is a subclass of the RebootStepBase class and inherits its functionality. The RebootStep class is specifically designed to perform a reboot immediately without any delay or user interaction. It is categorized under 'Reboot' category and has associated image key of Reboot. The class has the ability to ignore detection, meaning that it will not be detected or executed by the detection engine. The class is marked as a long-running job step, indicating that it may take a significant amount of time to complete. The PossibleResult attribute specifies that the class can return either a success or cancelled result. The GetUIOptions object that configures the user interface options for the RebootStep, including initiating the reboot immediately and enabling the workflow. |
|
Reboot with Custom UI Prompt |
This class is used to perform a reboot with a custom UI prompt. It is a subclass of the RebootStepBase class and uses the RebootSettings custom class for specific settings. It overrides the GetUIOptions method to customize the UI options for the reboot. This will reboot immediately if there are users not logged on. |
||
Quick Reboot UI |
Base class for reboot step in a workflow. | ||
View | Show Software | Displays a list of all software currently installed on the device. | |
Software | Software Store is a selection of 3rd-party content which can be deployed. Choose from our extensive centralized software library of thousands of applications to easily provision devices. Applications are deployed via the workflow action. It efficiently pushes the application without needing it to upload to your cloud repository in Media Manager. | ||
Install | Launches the installation process for the selected software | ||
Remove |
Uninstall the software |
||
Stage |
This action is used for software deployment without launching install command. The file is loaded to DownloadFolder and DownloadCacheFolder, but not executed. Checking the 'Using Peer File' checkbox in Properties allows implementing of a peer-to-peer technology which is useful for traffic reduction. |
||
Workflows | A curated database of pre-configured workflow templates, designed to address various operational and management scenarios. |
Discovery: Actions for MacDiscovery: Actions for Mac
Syxsense | Clear File Index Database | Reset the file index database. This can improve the accuracy and efficiency of file-related searches and operations within the environment. | |
OS | OS Platform |
Detect the type of operating system. This is useful if you have different actions based on Windows, Mac OS or Linux operating systems. |
|
Process CPU Usage | This action monitors the CPU usage of a specific process. It retrieves the CPU usage as a percentage and categorizes it as low, medium, high, or critical based on specified thresholds. | ||
Process Memory Usage | This step monitors the memory usage of a specific process by retrieving its consumption in megabytes. Based on predefined thresholds, the usage is categorized as low, medium, high, or critical. | ||
Registry Search | This tab allows you to search for specific keys or values within the Windows Registry. Useful for identifying configuration entries or verifying the existence of registry settings on a device. | ||
Admin | DateTime Approval | Require administrative approval based on a specified date and time before proceeding with the next step in the workflow. It ensures that critical tasks are only executed after receiving explicit authorization, which can be scheduled in advance. | |
E-mail Approval |
Sends email for approval before processing the next step in the task. Example: Confirm approval before deployment of patches. If emailing to multiple email addresses, set the "number of approvers" appropriately. If you need all users to approve, the number must match the number of emails addresses. |
||
Send Email | Trigger the sending of an email to specified recipients. It can be used for notifications, alerts, or other communication needs within the workflow. | ||
Set Result | Set the outcome or result of a task, allowing for the tracking and logging of task executions and statuses. | ||
Wait |
Wait for a defined period of time before processing the next task. It's useful for ensuring that preceding tasks have completed or for synchronizing with external events. Example: Wait 15 minutes for services to come online. |
||
Action | Device Health Query | Query the device's health status, gathering information related to its operational condition and performance metrics. | |
Download File | Facilitate the downloading of specified files onto the device, ensuring necessary resources are available for subsequent tasks. | ||
Execute C# Script | Execute C# a scripts as a workflow step. It compiles the script, executes it, and returns the result. | ||
Execute file | This class is used to execute a file on a device. It takes a file path, arguments, success, return, codes, timeout, and locked output settings, replaces variables in the file path and arguments before executing the file. If the file execution is successful and the exit code matches one of the success return codes, it sets the result as success. If the exit code indicates a reboot is required, it sets the reboot needed property to true. If the file execution fails or the exit code does not match any of the success return codes, it sets the result as a command result with the exit code. It also sets the task result and stores the exit code in the variable storage. | ||
Execute Powershell Script |
Execute a Windows Powershell script. Example: Shut down the virtual machine to patch the host. |
||
Execute Python | This step is used to execute Python script. | ||
Execute sh script | Execute custom shell scripts, primarily used in Unix-based systems for task automation. It creates a temporary shell file, sets the necessary permissions, and executes the file using the /bin/bash command. The script to be executed is provided in the ScriptContainer property of the ExecuteShellScriptSettings class. The success return codes are specified in the SuccessReturnCodes property, and the timeout for the script execution is set in the Timeout property. The Arguments property can be used to pass additional arguments to the shell script. After execution, the class sets the result of the script execution and handles any exceptions that may occur. | ||
Extract file | Unpack or extract specified file from a zip archive, ensuring that required resources are made available for subsequent tasks. | ||
Kill Process by Hash |
Process (hash) is stopped if running. Hash is either MD5 or Sha1. |
||
Kill Processes | A list of processes (names) are stopped if running. | ||
Kill Process | Process (name) is stopped if running. | ||
Set variable value (Beta) |
Create and set global variables. Global variables store script output results for every device. Global variables are useful when you need to reference a variable from outside the current workflow, making them particularly handy for workflow sequences. These variables allow for consistent referencing of workflows across devices' lifecycles. |
||
SIEM Query | Query the Security Information and Event Management (SIEM) database for syslog entries. This action interacts with SIEM systems to retrieve security-related information, logs, or events, aiding in monitoring and managing security postures and incidents. This step is used to query the SIEM database for syslog entries. | ||
Health | Disk Space Health |
This step is used to check the health of disk space on a device. It calculates the total free space on a specific device drive and compares it to predefined thresholds to determine the health status. The possible results of this step include healthy, medium, warning, low, critical, and no disk. Example: Check disk space prior to deployment of software or patches |
|
Logic | Has X or more files in a folder | Check if a selected folder contains a specified number of files, determining if the condition is met for executing subsequent tasks or actions based on the file count within the directory. | |
Find file | Search a specified drive for a specific file (file name). | ||
Find datetime check | Check the date and time stamp of a file in a specified path. | ||
Does File Exist | Check if a file exists in a specified path. | ||
File Version Check | Check the version of a file in a specified path. | ||
If time of the day | Action which checks if the time is good for the workflow chain to continue. The time is taken according to device(s) time zone for which workflow action is being executed. | ||
If Variable Inventory | Action allows to read the Output value of a variable, which may include endpoint configurations, statuses, or other relevant attributes, to determine the subsequent course of action within the workflow. | ||
If variable (Beta) |
Action designed to check incoming variable value from another action. And depending on received value 'If variable' decides which way the workflow will go further. It allows to read any of the 3 values of a variable: Output, ErrorCode or ReturnCode. |
||
Is device clock correct | Checks if the time on the device is synchronized with a particular server. The admissible time difference can be specified in minutes. | ||
Find Process by Hash |
Detect if Process (hash) is running. Hash is either MD5 or Sha1. |
||
Is Process Running | Detect if Process (full process name including path) is running. | ||
Is Reboot Needed |
Check if the reboot is needed. This is really useful if you are performing a complex software upgrade that requires a device to be in a non-reboot state. |
||
SQL Server Status | Check if a particular SQL Server is enabled or disabled. | ||
Is on Network |
Ping an IP Address or URL to detect on which network the device is connected. Example: Ping a local server to make sure the device is inside the company network. |
||
Uptime |
Check if a device has been up and running for a specified time period. Example: Has the server been running for 10 minutes since being rebooted. |
||
Web Monitor | This class is used to monitor a web page or API endpoint by sending HTTP requests and checking the response status code. | ||
Inventory | Inventory Scan |
Perform an inventory scan on the device. Example: Perform an inventory scan to ensure it is up to date before trying to install the software. |
|
Update Inventory Custom Field |
This step is used to update the value of a custom inventory field for a device. This is useful for: tagging devices with environment labels (e.g., "Production", "QA"); recording deployment status, asset ownership, or location metadata; supporting dynamic reporting and filtering in inventory views.
|
||
Patching | Patch Scan and Deploy | This is used to deploy patches on the device. It performs a patch scan and then deploys the patches. | |
Patch Scan |
This class is used to perform a patch scan on a device. It scans for patches and detects if any patches are found or not. |
||
Patch Security Single Definition | This class represents a step for performing a single patch/security scan. | ||
Queries | Select the the pre-existing custom query of security scripts to fix system misconfigurations and vulnerabilities. | ||
System Rules | Select a set of pre-configured rules used to evaluate and enforce system configuration standards. | ||
Reboot | Reboot Now |
his class is used to perform a reboot on a device. It is a subclass of the RebootStepBase class and inherits its functionality. The RebootStep class is specifically designed to perform a reboot immediately without any delay or user interaction. It is categorized under 'Reboot' category and has associated image key of Reboot. The class has the ability to ignore detection, meaning that it will not be detected or executed by the detection engine. The class is marked as a long-running job step, indicating that it may take a significant amount of time to complete. The PossibleResult attribute specifies that the class can return either a success or cancelled result. The GetUIOptions object that configures the user interface options for the RebootStep, including initiating the reboot immediately and enabling the workflow. |
|
Reboot with Custom UI Prompt |
This class is used to perform a reboot with a custom UI prompt. It is a subclass of the RebootStepBase class and uses the RebootSettings custom class for specific settings. It overrides the GetUIOptions method to customize the UI options for the reboot. This will reboot immediately if there are users not logged on. |
||
Quick Reboot UI |
Base class for reboot step in a workflow. | ||
Software | Software Store is a selection of 3rd-party content which can be deployed. Choose from our extensive centralized software library of thousands of applications to easily provision devices. Applications are deployed via the workflow action. It efficiently pushes the application without needing it to upload to your cloud repository in Media Manager. | ||
Install | Launches the installation process for the selected software | ||
Remove |
Uninstall the software |
||
Stage |
This action is used for software deployment without launching install command. The file is loaded to DownloadFolder and DownloadCacheFolder, but not executed. Checking the 'Using Peer File' checkbox in Properties allows implementing of a peer-to-peer technology which is useful for traffic reduction. |
||
Workflows | A curated database of pre-configured workflow templates, designed to address various operational and management scenarios. |