Click 'Configuration Templates' > 'Profiles'> Select a Windows or Mac OS profile > 'Add profile section' > 'Procedures'
- Procedures are standalone scripts for Windows or Mac OS devices that let you accomplish a variety of tasks.
- There are two types of procedures:
- Script procedures – Execute specific tasks like installing applications, run file operations, or get telemetry about an endpoint.
- Patch procedures – Install and update patches on operating systems and third-party apps.(Windows only)
- Endpoint Manager ships with a range of example procedures that you can apply to your devices.
- You can also create your own procedures to accomplish bespoke tasks.
- Note - There are currently no predefined procedures for MAC. You can only create custom procedures.
- Click 'Configuration Templates' > 'Procedures' to view, manage and create procedures.
- You can add procedures to a profile so they automatically run on devices at a scheduled time.
- You can also manually run procedures on target devices as required.
- The processes of adding a procedure to a profile and viewing results are similar for Windows and Mac operating systems. This article explains how to add a Windows procedure to a profile and run it according to a schedule.
Add a procedure to a profile
View procedure execution logs and results
View script procedure results
View patch procedure results
Add a procedure to a profile
- Login to Comodo One / Dragon
- Click 'Applications' > 'Endpoint Manager'
- Click 'Configuration Templates' > 'Profiles'
- Click the ‘Profiles’ tab
- Open the Windows profile applied to your target devices
- Open the 'Procedures' tab
OR
- Click 'Add Profile Section' > 'Procedures', if it hasn't yet been added
- Click 'Add' in the procedures settings screen
Procedure Name - Choose an existing procedure by typing the first few characters of the procedure name. Make sure you have already approved the procedure.
- See this wiki if you need help to actually create a procedure.
Schedule Settings - Two options - 'Custom schedule' and 'Schedule on a maintenance window'.
* Any procedure that does not finish by the cut-off time is aborted and all changes are undone.
- Schedule on a maintenance window
- Maintenance Window Type - Choice of ‘Daily’, ‘Weekly’, ‘Monthly’ and ‘Week of the month’. See this wiki for help to create and manage maintenance windows.
- Maintenance Window Name - Shows a list of maintenance windows that have the frequency you chose in the ‘Window Type’ box above. Select the window you want to add to the procedure.
- End Time Settings:
No end settings - All procedures will run to completion.
Run until - Choose a cut-off time from the calendar.*
Run no more than - Specify how long the procedure should run.*
* Any procedure that does not finish by the cut-off time is aborted and all changes are undone.
User Account Options - Choose 'Run as system user' or 'Run as logged in user' based on the access rights required for the procedure to run at the endpoint. This applies only to 'Script' procedure
Execution Options
- Run this procedure immediately when the profile is assigned to a new device - The procedure will run on target devices as soon as the profile is applied to the device, in addition to any schedule.
- Skip procedure if the device is offline - The procedure will be aborted is the device is not connected to EM at the time of execution.
By default, procedures are queued for later if the device is not connected to EM. The task will run as soon as it comes online. Select this option If you do not want the task to be queued.
Report Options - Only for script procedures
- Send to current user - Procedure results are sent to the admin who is currently logged into Endpoint Manager.
- Send to the following email addresses - Add email addresses to whom log results should be sent.
Configure parameters - Only for script procedures with variable parameters.
- Click ‘Configure parameters’. Use the default values or choose a new value.
- Click ‘Apply’ to add the procedure to the profile
- Repeat the process to add more procedures
- Procedures are run in order from top to bottom
- Select a procedure and click 'Move up' or 'Move down' to set the priority
View procedure logs
There are two places where you can view the results of a procedure:
- Device List - ‘Devices’ > ‘Device List’ > 'Device Management' > Open a Windows device > ‘Logs’ > ‘Script Logs' / 'Patch Logs' / 'Third Party Patch Logs’ - Shows results for all scripts run on a selected device.
- Procedures area - ‘Configuration Templates’ > ‘Procedures’ > Open a procedure > ‘Execution Log’ - Shows all devices on which a selected procedure was run.
Click the following links for more details:
Script Procedure Results
Device list interface – Shows script results on a single device
- Click 'Devices' > 'Device List'
- Click the 'Device Management' tab in the top menu
- Select a company or a group to view just their devices
Or
- Select 'Show all' to view every device enrolled to EM
- Click on any Windows device then select the 'Logs' tab
- Select the 'Script Logs' sub-tab
This opens a list of all script procedures run on the device. You can also see the scripts start/end time and whether or not it was successful.
- Click 'Details' in the row of the procedure name to view the results of a particular procedure
- The 'Tickets' tab shows tickets that were created as a result of a failed procedure.
- Click the ticket link to open the ticket in the service desk.
Procedures interface – Shows script results on all target devices
- Click 'Configuration Templates' > 'Procedures'.
- Browse the folder tree to locate the procedure for which you want to view results
- Click the name of the script procedure then click 'Execution Log'
This opens a list of all devices on which the script was run:
- Click 'Details' in the row of a device to view specific results:
The details are shown under two tabs:
- Statuses - The date and time at which successive stages in the procedure were run, their success status and results.
For example, the 'Get Running Processes' results show a list of all processes found running on the device.
- Tickets - Shows tickets raised by failed procedures.
- Click the ticket link to open the ticket on the service desk.
View OS patch procedure / third party application patch procedure results
Device list – Shows patch procedure results on a single device
- Click 'Devices' > 'Device List'
- Click the 'Device Management' tab in the top menu
- Select a company or a group to view just their devices
Or
- Select 'Show all' to view every device enrolled to EM
- Click on any Windows device then select the 'Logs' tab in the device details interface
- Select the 'Patch Logs' or 'Third Party Patch Logs' sub-tab
This opens a list of all patch procedures run on the device along with their status (success/failure), their start/finish time and time of last status update.
- Click 'Details' in the row of a procedure to view specific results:
- The 'Tickets' tab shows tickets that were created as a result of a failed procedure.
- Click the ticket link to open the ticket in the service desk.
Procedures interface – Shows patch procedure results on all target devices
- Click 'Configuration Templates' > 'Procedures'.
- Click the name of the patch procedure under 'My Procedures' or 'Predefined Procedures' for which you want to view results, then click 'Execution Log' in the Procedure Details screen.
- This will open a list of all devices on which the procedure was run along with their status (success/failure), their start/finish time, and the time of the last status update.
- Click 'Details' in the row of a device to view specific results:
- The 'Tickets' tab shows a list of tickets that were created as a result of a failed procedure.
- Click the ticket link will open the ticket on the service desk.