Creating a Workflow
- 06 Mar 2025
- 7 Minutes to read
- Print
- DarkLight
- PDF
Creating a Workflow
- Updated on 06 Mar 2025
- 7 Minutes to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
This section describes how to create a Workflow in Axonius.
A new Workflow's configuration page is split into two panes:
- Left pane - Displays the Workflow canvas.
- Right pane - Displays the configuration options for the currently selected node.
The Workflow structure includes:
- The Trigger Type in the top node.
- For Event type: The selected triggering Event in the top node.
- For Scheduled and Manual types: The selected Action in the second node.
- As many routes and sub-routes as are needed, where each one can include:
- Enforcement Actions
- Action Conditions
- Events
- Event Conditions
- Delays
Learn how to adjust your view of the new Workflow page, as required.
To create a Workflow
In the left navigation panel, click the Enforcement Center
icon, and then click the Workflows tab.In the All Workflows page that opens, click Create Workflow.
In the left pane of the New Workflow screen that opens, click the Workflow Settings icon
, and in the Workflow Settings that open in the right pane, type a Workflow name. The name appears in the Workflow pane.
In the Trigger Type pane, select the type of Workflow trigger and configure it, as required.
- For an Event trigger type, this includes selecting the Event for the top node.
- For a Scheduled trigger type, this includes setting the Schedule Plan of the triggering Action (that you add in the second node).
For Scheduled and Manual triggers: Add the triggering Action to the second node of the Workflow.
icon, and then click the Workflows tab.
, and in the Workflow Settings that open in the right pane, type a Workflow name. The name appears in the Workflow pane.
Note:
When you select Trigger Type = Scheduled or Manual, the only button available directly below it is Add Action 
, as in the second node you need to select the triggering action.
- Add nodes to the Workflow one at a time, as required.
To add a node: Hover over the + icon and add one of the Suggested nodes (if they are displayed) or one of the relevant Workflow nodes:Click Add Action
to add an Action node, and then select and configure an Action.Click Add Event
to add an Event node, and then select and configure an Event.- It is not possible to add an Event node following an Action node configured to run on all assets.
Click Add Condition
to add a condition to the Workflow.- When you add a condition under an Event, an Event Conditions box with False and True branches is added to the Workflow. Configure the Event condition.
- When you add a condition under an Action, an Action Conditions box with False and True branches is added to the Workflow. Configure the Action condition.
Click
to add a delay to the Workflow. Configure the Delay node.
to add an Event node, and then 
to add a condition to the Workflow.
to add a delay to the Workflow. When you have completed building the Workflow:
- For a Workflow with an Event trigger, click Save and Activate to activate the Workflow.
- For a Workflow with a Scheduled or Manual trigger, click Save and Run to run the workflow.
The All Workflows folder opens with the newly added Workflow on top of the table. The Workflow is added to the Drafts folder (if configuration is incomplete) or Shared Workflows folder (if configuration is complete).
Note:
- Click Save at any time during the configuration to save changes to the workflow as you add nodes and remain on the Workflow configuration page.
- In a Workflow triggered by an Event, the Save and Save and Activate buttons are disabled when a node with a Condition is not fully defined. You must complete condition configuration in order to save the workflow.
- In a Workflow triggered by an Action, the Save and Run button is disabled when a node with an Action is not fully defined. You must complete the action(s) configuration(s) in order to run the workflow.
- It is possible to Save a Workflow with a Delay node that is configured with an invalid Delay time. However, you can Save and Run or Save and Activate the Workflow only after you correct the Delay time.
Adding Suggested Node to a Workflow
The Axonius Workflows Recommendation Engine can suggest the next node to add to your Workflow, making it easier to build complex and dynamic workflows.
- The Recommendation Engine suggests up to three possible nodes based on the previous node in your Workflow. For example, after a Slack message action, it might suggest a response event or an action condition.
- Suggestions are currently provided only for the node following the bottommost node in the Workflow.
- The Axonius Workflow Node Recommendation engine currently supports the nodes listed below. It is continuously being improved and will support more nodes in the future.
To add a suggested node to the Workflow
Under the bottommost node, hover over the + icon to view suggestions.
In the Suggested node, click Add [event type] to add the suggested node to the Workflow. You can also choose to add a different node.
Example
The following example shows the response Event recommended by the system when hovering on the + sign below the Microsoft Teams - Send Message interactive action.
Benefits
- Simplifies Workflow building - You can quickly add relevant nodes.
- Improves Workflow logic - Ensures a clear and logical workflow structure.
- Enhances Workflow dynamics - Builds more complex Workflows based on user interaction and responses.
Supported Nodes
The following table lists the currently supported interactive Actions, and their suggested response Events.
| Interactive Action | Suggested Event |
|---|---|
| Slack - Send Direct Message to a User | Slack Message Response |
| Slack - Send Message via Webhook | Slack Message Response |
| Microsoft Teams - Send Direct Message to a User | Teams Message Response |
| Microsoft Teams - Send Message | Teams Message Response |
| Microsoft Teams - Send Direct Message to Assets | Teams Message Response |
| Microsoft Teams - Send Direct Message to a Channel | Teams Message Response |
Example - Scheduled Workflow
The following example shows a Workflow that begins with a scheduled Enforcement Action that sends a Slack message. Each time a user responds to the Slack message, an event occurs, and based on the response, the workflow continues.
Configure the Workflow as follows
- In the Trigger Type pane, click Scheduled, and configure a schedule plan for the triggering action of the Workflow. The Scheduled label appears in the Trigger By node in the Workflow pane.
- Hover over the Trigger By node, click the + icon, and click Add Action . An Action node opens; the system- generated UUID appears on the node (preceded by #). A UUID also appears on the Trigger By node.
- In the Action Setup pane, do the following:
- Select the Slack - Send Direct Message to Assets Enforcement Action as the triggering action. The action name appears in the Action node.
- Select the Module and Query Name of the query that defines the assets on which to run the Workflow, and click Apply.
- Configure the Required Fields.
- In Additional Fields, configure the predefined responses (buttons) to be added to the Slack message that is sent to each user resulting from the query.
Note:
You can also use the Slack - Send Message to Channel enforcement action, which is configured with predefined responses, in a Workflow.
- Hover over the Action node, click the + icon. The , and click .
Note:
This interactive action is not yet supported to provide a suggested response event.
In the Event pane that opens, select the Slack Message Response event. The Event pane shows the Retrieved Asset from the previous node. It also shows the Retrieves information in the Event node. This event is sent each time a user responds to the Slack interactive message using the Response buttons.
Hover over the Event node, click the + icon, and click
.In the Event Conditions pane that opens, add an Event Condition - If Response Equals Yes. This enables performing one action if the response to the Slack message is Yes (True branch), and another action if the response is other than Yes (False branch).
Hover over the True branch (user Response Equals Yes), click the + icon, and then click
to add a Delay node to the branch. In the Delay pane, configure a delay of 5 hours.Hover over the Delay node, click the + icon, and then click
.In the Action Setup pane that opens, add the Axonius - Add Tag to Assets Enforcement Action and configure it, including selecting related assets.
Click Save. The Workflow is saved.
For more information about working with Workflows, refer to the following:
Viewing and Configuring Workflows Events Settings
Selecting and Configuring the Workflow Trigger
Selecting and Configuring a Workflow Event
Configuring an Event Condition
Selecting and Configuring a Workflow Action
Configuring an Action Condition
Deleting and Deactivating/Activating Workflows
Was this article helpful?