Create a Workflow
This is a powerful and intuitive automation framework that allows you to create custom task sequences within the Absolute console. Most of the prebuilt tasks available within the Absolute console can be deployed out as automated workflows.
Workflows are currently supported on Windows and Linux endpoints.
When creating workflows there are a few important best practices to follow. These steps will drastically decrease the opportunity of outages or other unfavorable outcomes:
① Save often when deploying cortex workflows, remember to save often, to avoid losing work if access to the console is lost.
② Test often when deploying workflows, test new steps before adding additional steps. This will reduce the complexity of the troubleshooting process.
③ Test carefully when testing workflows, avoid 'Run Now' against 'All Devices' and instead target either a single endpoint or a test lab environment. It is useful to have a virtualized test environment with target devices that have snapshot points enabled. After a 'Run Now' deployment of a workflow, roll back the virtual machines to the snapshot before the deployment of the workflow.
An action can have one or many outcomes, you may link different actions to each outcome.
You can create a workflow by clicking the corresponding button in the Workflows tab (+Create). Templates for all possible actions are placed to the right from the creation field, and you can just drag and drop all the needed ones configuring their custom setting and organizing a required action sequence. Absolute allows you to modify all action steps in the Properties tab. You can also create custom variables and add them to workflows.
Each step can have just one result. So, if you need the same outcome from different steps, you can clone the outcome field as many times as you need by right-clicking on it.
Workflows are scheduled to 'Run Now', via Tasks or as a Publish Policy. Check our guided walk-through below.
The Run Now section provides ready-to-use automation templates to help you quickly address critical system needs. These workflows include a variety of security and patching tasks.
Discovery: Workflow EditorDiscovery: Workflow Editor
+ Create | From the Absolute Cortex menu click 'Create' to create a Workflow |
Save | Saves current Workflow |
Cancel | Cancels last modification |
Settings gear |
Settings This is where you enable Advanced Actions. |
Auto Arrange |
Automatically re-arrange the designer. This change cannot be undone. |
Variables |
Pre-built variables which can be integrated into actions within the Cortex workflow. In addition to the pre-built variables, user generated variables can also be created. For example, if a PowerShell script requires a dynamic variable in order to initialize a configuration, the variable can be called from the Absolute Cortex variables and introduced into the PowerShell script at runtime. More information can be found at Variables page. |
Actions |
All available Actions which can be dragged into the designer. Use drag-and-drop onto the designer page linking actions to the right side of the action. Each action is arranged within a family of actions, such as Reboot actions or Patching actions. Some families of actions are static in nature, and only contain a set number of actions. Other families, such as the Software Management family and Logic family (available as an advanced workflow) are dynamic and will expand or contract as new application deployments or Cortex workflows are added to the Absolute console. To find out more about all existing actions, check out Actions page. |
Guided walk-through: How to Run a WorkflowGuided walk-through: How to Run a Workflow
❶ |
Click 'Run Now' from within a ready Workflows list. You may also click the 'play' button from within the Workflows list. The Workflow will immediately start processing on applicable devices. |
❷ | Select a single or multiple devices to run the workflow on > Click 'Save' > Click 'Run Now'. |
❸ |
Monitor Workflow Progress: Select 'View Run Details' at the top of the screen to view real-time details during the Workflow Run. E.g.: Devices currently being scanned or patched; any conditions that have been triggered (e.g., low disk space, high CPU usage); steps that have been completed in the workflow. |
Guided walk-through: How to Publish a WorkflowGuided walk-through: How to Publish a Workflow
Policies are set to run on a device state basis.
Policies can be applied to any Workflow and can be launched on the set schedules. Check the available options in the table below.
❶ | Publish Policy | Click 'Publish Policy' from within a Workflow. | |
❷ | Name | Add name and description of the task for easier identification. | |
❸ |
Recurrence |
Daily |
Start run every day at the set time. 'Allow Later Start' setting permits to start run at a time later than initially scheduled, giving additional flexibility. |
Interval | Run every day / hour / minute / second | ||
Maintenance window | Run in a specific timeframe during which the task is allowed to occur without causing interruptions or conflicts with other activities | ||
Network Change | Run when a change in the network is detected, such as a device connecting or disconnecting | ||
Once | Run once | ||
User logon | Run when a user logs into a system | ||
❹ | Blackout Hours |
Ignore Blackout Hours Run even if the Global Blackout hours are in effect. Device blackout hours will still cause the task to be ignored if true. |
|
Fail if Black Hour When enabled, ensures that a policy will fail to run during designated black hours. |
|||
❺ | Select Devices | Select which devices to run the Policy on > click 'Save'. |
After the policy is published, it can be edited. To edit the existing policies go to Workflows - Policies, choose an already created policy from the list and double click it. The 'Edit' button on the toolbar allows you to modify the actions of the policy. After making changes click 'Republish policy and Close' on the toolbar. This policy will be pushed to every single device that is managed in that policy.
Potential reasons why a device might appear in the 'Paused' state in Workflow.
- The task or policy is assigned to a maintenance window, and the end user is postponing the reboot until the end of the window. However, the device does not reboot at the end of the maintenance window, preventing the workflow from proceeding to the next step.
- The end user independently reboots or shuts down the computer when prompted, causing a disconnection. This unexpected disconnection disrupts the task in progress.
- The devices were rebooted, but they do not immediately reconnect. The workflow continues with subsequent actions, but the server still shows 'Paused' in the console because the devices haven't updated the server.
- Any agent disconnection, not necessarily due to a reboot, prevents devices from sending results of post-reboot actions. 'Paused' becomes the last status update in the console.
- If any processes involved in the workflow crash, it could prevent the devices from completing the workflow successfully.
- The process managing the reboot (PowerOffCMS.exe) is flagged as malicious by endpoint protection software, leading to premature termination and disruption of the workflow.