To organize vulnerabilities into Automox tasks, follow these steps:
- Download a CSV-formatted vulnerability report from your third-party vulnerability scanner. Refer to Exporting Vulnerability Scanner Reports for the exact requirements.
- Click Manage to navigate to the System Management landing page and click View Pending. This opens the list of pending tasks.
- Click Add Task and upload the CSV file that was downloaded from the vulnerability scanner. If Automox determines the size of the file is acceptable, a confirmation shows that the file is accepted without errors and prompts you to click Next. A message then shows that it is processing the CSV. Click Finish.
- From the Imported Batches tab you can follow the mapping process of the uploaded CSV file.
The mapping process is asynchronous and will take time to discover hostnames and any CVEs that they are impacted by. A sync is complete once it shows as Awaiting Approval. Each CSV file has its own row and when the file completes processing, it is highlighted.
Table Column Description CSV Name Name of the CSV file that was uploaded Queued By Email address of the user who uploaded the file Impacted Devices Number of devices impacted by the task Status Possible values:
- Awaiting Approval
- From the Imported Batches tab, click the CSV file name to open the results page. The Tasks Pending Creation tab outlines all of the tasks to be created (each one is a separate CVE).
- Before creating any tasks, review the separate tab titled Potential Issues that highlights any issues with the data that Automox has ingested.
Table Column Description Device Name of the device with potential issues Hostname Permanent device name Private IP IP address of the device CVE Name of the CVE Issue Type
(hover over description for more information)
- CVE not found: Automox doesn't have data on the CVE ID in question, the CVE is out of date/superseded by a different CVE, or it is associated with a macOS vulnerability or third-party app that we don't currently support.
- Hostname not found: Automox was unable to find a match for the hostname in the report. Check if the Automox agent is deployed on the device.
- Duplicate hostname: Two or more of the same hostnames were found. Automox will apply packages to all duplicated hosts. Ensure that hostnames are unique.
After you have reviewed the issues tab, you can move on to the next step and create tasks.
- From the Tasks Pending Creation tab, you can either create tasks, reject the batch, or cancel and return to the list of batches. To create tasks, click Create Tasks to add tasks to the Tasks page.
- From the Tasks page, click the task name to open the task details page. From here you can run the task, reject the task, or export a detailed CSV. Click Run Now.
When the task is initiated, commands are immediately sent to all impacted devices.
- If reboots are required, the device will be put into a "needs reboot" state after remediation, however, that reboot will not happen automatically.
- We do not support notifications or deferrals for tasks at this time. That is expected for a future release.
- You can export a detailed CSV of all impacted devices with greater detail (Note: This is available for tasks in any status).
The export includes the following:
- Custom Name
- Device ID
- Patch Status
- Error Message
- Private IP
- Public IP
- Time Initiated
- Time Completed
- Patch Completed (identifies the CVE)
- Package Version ID
- At any point you can view a summary page of a task that is in progress. Click the task name from the Tasks page to review real-time, device-level reports. Commands time-out after 24 hours of the device being unreachable, which results in a patch failure. As noted previously, detailed device reports for a given task are available in any status (Pending, In Progress, Executed, Rejected).
- You can reject a task that represents work that will not be done. It will remain in the task list indefinitely with the appropriate status. Tasks that are rejected remain on the Tasks page. If you decide to run that task in the future, you have to re-import the CSV, create the tasks, and run them. This function is primarily to serve the use-case of a CVE or package being obsolete or something that an admin has determined they will not do.