Enforcement Action Index
  • 21 Feb 2024
  • 8 Minutes to read
  • Dark
    Light
  • PDF

Enforcement Action Index

  • Dark
    Light
  • PDF

Article Summary

This index lists all available Enforcement Actions. You can use the links here or see Enforcement Action Library.

Axonius offers the following actions, categorized as follows:

Notify

Send emails or notifications to various systems, such as Syslog, Slack, and others.

Amazon Web Services (AWS) - Send CSV to S3
Amazon Web Services (AWS) - Send JSON to S3
Axonius - Push System Notification
Axonius - Send Email
Axonius - Send Email to Assets
BeyondTrust BeyondInsight - Send Block Policy to SCP
Box - Send CSV
CSV - Send to SCP
CSV - Send to SFTP
CSV - Send to Share
Email - Send per Asset
HTTPS Log Server - Send Log Message
HTTP Server - Send to Webhook
Microsoft Azure - Send Assets to Microsoft Power BI (Send Data to Power BI)
Microsoft Azure - Send CSV to Azure Storage
Microsoft Azure - Send CSV to Microsoft OneDrive
Microsoft Teams - Send Message
Microsoft Teams - Send Direct Message to Assets
SharePoint - Send CSV
Slack - Send Message via Webhook
Slack - Send Message to Channel
SQL - Send Assets to Table (Send to SQL Table)
Syslog Server - Send Log Message

Create Incident or Ticket

Create an incident or ticket in various third-party systems, such as ServiceNow, Jira, and others.

Adobe Workfront - Create Issue
BMC Helix Remedy - Create Ticket
ChangeGear - Create Incident
Cherwell IT Service Management - Create Incident (Create Cherwell Incident)
Cherwell IT Service Management - Create Incident per Asset (Create Cherwell Incident per Entity)
Demisto - Create Incident per Asset
Freshservice - Create Ticket
Freshservice - Create Ticket per Asset
Jira - Create Issue - This Enforcement Action has been deprecated from Axonius version 6.0.10. Its functionality has been moved to Jira Service Management - Create Issue.
Jira - Create Issue per Asset - This Enforcement Action has been deprecated from Axonius version 6.0.18. Its functionality has been moved to Jira Service Management - Create Issue per Asset.
Jira Service Management - Create Ticket
Jira Service Management - Create Ticket per Asset (Create Jira Service Desk Incident per Entity)
Jira Service Management - Update Tickets
ManageEngine ServiceDesk Plus - Create Request
ManageEngine ServiceDesk Plus - Create Request per Asset
Microsoft Azure DevOps - Create Task
Opsgenie - Create Alert
PagerDuty - Create Incident
Salesforce - Create Case
ServiceNow - Create Incident
ServiceNow - Create Incident per Asset
SolarWinds Service Desk - Create Incident
SysAid - Create Incident
TOPdesk Enterprise Service Management - Create Ticket
Zendesk - Create Ticket
Zendesk - Create Ticket Per Entity
Update Zendesk Tickets
Zoho Desk - Create Ticket

Axonius Utilities

Perform Axonius actions on devices or users.

Axonius - Add Custom Data to Assets
Axonius - Remove Custom Data from Assets
Axonius - Delete Assets
Axonius - Add or Remove Tag
Manage Custom Enrichment - Enrich Assets with CSV File
Axonius - Calculate Risk Score

Enrich Asset Data

Enrich asset data using different sources.

Axonius Network Discovery - Enrich Asset Data
Burp Suite - Run Site Scan
Censys - Enrich Asset Data
CyberInt - Enrich Asset Data
Dell TechDirect - Enrich Asset Data (Enrich Data with Dell TechDirect)
Enrich Asset Data - EPEAT
GreyNoise - Enrich Asset Data (Enrich with GreyNoise IO)
Have I Been Pwned - Enrich Users' Data
Lenovo - Enrich Asset Data
OpenCTI - Enrich Asset Data
Portnox CLEAR - Enrich Asset Data
Shodan - Enrich Asset Data
Authorize Asset - Tailscale
Web Server Information - Enrich Asset Data

Manage CMDB Assets

Create or update CMDB assets (ServiceNow, Cherwell, etc.)

Absolute - Unenroll Asset
Asset Panda - Create And Update Assets
BigFix Remove Asset
BossDesk - Create and Update Assets
CA Service Management - Create Assets (Create CA CMDA Asset)
Cherwell - Create Assets
Cherwell - Remove Assets
Cherwell - Update Assets
Device42 - Create or Update Assets
Exabeam - Update Context Table
Freshservice - Create Assets
Freshservice - Update Assets
Ivanti Service Manager - Create Assets
Ivanti Service Manager - Update Assets
Jamf Pro - Add Assets to Computer Group
Jira Assets Platform - Add Assets
Jira Service Management - Create Insight Asset per Asset (Jira Service Desk/Create Jira Insight Asset per Entity)
Jira Service Management - Update Insight Asset (Jira Service Desk/Update Jira Insight Asset)
Kandji - Update Device Blueprint
ManageEngine ServiceDesk Plus - Create and Update Assets
Microsoft System Center Configuration Manager (SCCM) - Add or Remove Assets to Collection (Add Assets to SCCM Collection)
Netbox - Connect Contacts to Device
Netbox - Create or Update Assets
Netbox - Remove Assets
Ostendio - Create or Update Ostendio Asset
phpIPAM - Create or Update Assets
Send Assets Data - Kovrr
ServiceNow - Create Assets
ServiceNow - Update Assets
SNIPE-IT - Create Asset
SolarWinds - Create Asset
Sophos Central - Remove Assets
Splunk - Create and Update Assets
SymphonyAI Summit - Create or Update Assets
TOPdesk Enterprise Service Management - Create Asset
ZenDesk - Create Custom Object per Asset

Update VA Coverage

Update scanned scope in various VA tools.

Cisco Meraki - Update Client Policy
Kenna - Add Tags to Assets
Kenna - Remove Tags from Assets
Kenna - Replace Tag in Assets
Qualys - Add IP Addresses to Asset Group
Qualys Cloud Platform - Add IP Addresses as Host Assets (Add IPs to Qualys Cloud Platform)
Qualys Cloud Platform - Add Tags to Host Asset
Qualys Cloud Platform - Remove Tags from Host Asset
Qualys Cloud Platform - Update Asset Names to Host Names
Rapid7 Nexpose and InsightVM - Add IP Addresses to Site (Add IPs to Rapid7 InsightVM Site)
Rapid7 - Remove IP Addresses from Asset
Rapid7 Nexpose and InsightVM - Add or Remove Tag to/from Assets
Tenable.io - Add Agent to Agent Group
Tenable.io - Add IP Addresses to Scan (Add IPs to Tenable.io Scan)
Tenable.io - Add IP Addresses to Target Group (Add IPs to Tenable.io Target Group)
Tenable.io - Add or Remove Tags to/from Assets (Tag Tenable.io Assets)
Tenable.io - Create Assets
Tenable.sc (SecurityCenter) - Add IP Addresses to Assets

Deploy Files and Run Commands

Run a Windows shell command, WMI, or Linux SSH scan.

Absolute - Run Script (Run Absolute Reach Scripts)
Axonius - Deploy Files and Run Shell Command on Linux Assets
Axonius - Run Linux SSH Scan
Axonius - Deploy Files and Run Shell Command on Windows Assets
Axonius - Run Windows WMI Scan
BigFix - Create Fixlet Action
Chef - Run Command
Quest KACE - Run Script

Execute Endpoint Security Agent Action

Isolate or unisolate devices in various EDR solutions.

Automox - Change Policy
Automox- Install Update
Automox - Run Worklet per Asset
CrowdStrike Falcon - Add/Remove Assets to/from Host Group
CrowdStrike Falcon - Isolate and Unisolate
Crowdstrike Falcon - Add or Remove Tagging Group to/from Assets
CrowdStrike Falcon - Delete Hosts
CrowdStrike Falcon - Run Script
Cybereason Deep Detect & Respond - Add Tag to Assets
Cybereason Deep Detect & Respond - Isolate or Unisolate Assets
Cylance - Delete Devices
Datadog - Add Tag to Assets
Forescout CounterACT - Assign Assets to Group Policy
LimaCharlie - Isolate/Unisolate Assets
ManageEngine Endpoint (Desktop) Central and Patch Manager Plus - Perform Action (Manage Computer in ManageEngine Desktop Central SoM)
McAfee ePolicy Orchestrator (ePO) Add or Remove Tag to/from Assets
Microsoft Defender ATP - Add or Remove Tag to/from Assets
Microsoft Defender ATP - Isolate/Unisolate Assets
Offboard Assets - Microsoft Defender ATP
Palo Alto Networks Cortex XDR - Isolate/Unisolate Assets
Sailpoint - Disable Users
SentinelOne - Add or Remove Tag to/from Assets
SentinelOne - EC Isolate/Unisolate Assets
SentinelOne - Execute Remote Script
SentinelOne - Initiate Scan
SentinelOne - Remove Asset
Tanium - Add or Remove Tag to/from Assets
VMware CB Cloud - Change Policy by Name
VMware CB Cloud - Change Policy by Policy ID
VMware CB EDR - Isolate and Unisolate Assets

Manage Users and User Groups

Enable or disable users or user groups.
Microsoft Entra ID (Azure AD) - Forward Email Rule
Equinix - Create Users
Equinix - Disable Users
Equinix - Remove Users
LastPass - Disable Users
Jira Software - Create User
Jira Software - Delete User
Microsoft Active Directory (AD) - Change Assets OU
Microsoft Active Directory (AD) - Add Assets to Group
Microsoft Active Directory (AD) - Remove Assets from Group
Microsoft Active Directory (AD) - Remove Assets from AD
Microsoft Active Directory (AD) - Add or Update LDAP Attributes of Assets
Microsoft Active Directory (AD) - Enable or Disable Assets
Microsoft Active Directory (AD) - Reset Users' Passwords
Okta - Add or Remove Users to/from Group
Okta - Disable Users
Okta - Enable Users
Logout User - Onelogin
Modify User Status - OneLogin
Modify User State - OneLogin
Modify User Custom Fields - OneLogin
Set a New Password for User - Onelogin
Salesforce - Suspend User
SAP Concur - Create User
SAP Concur - Delete User
SAP Concur - Modify User
Tenable.io - Delete Account
Tenable.io - Delete Asset
Tenable.io - Update Account Status
Thycotic - Suspend User

Manage AWS Services

Actions on Amazon AWS Services, such as start/stop or tag.

AWS - Start/Stop EC2 Instances
AWS - Add Tags to Resource - Previously named Add Tag to Amazon EC2 Instance
AWS - Remove Tags from Resource - Previously named Remove Tag from Amazon EC2 Instance
AWS - Install Software Using SSM
AWS - Patch Software Using SSM
AWS - Delete or Suspend IAM Users

Manage Microsoft Azure Services

Actions on Microsoft Azure cloud instances.

Microsoft Azure - Add Tag to Cloud Instance
Microsoft Entra ID (Azure AD) - Add or Remove Assets in Group

Microsoft Entra ID (Asure AD) - Delete Assets
Microsoft Entra ID (Azure AD) - Add or Remove Members from Administrative Unit
Microsoft Entra ID (Azure AD) - Delete Assets
Microsoft Entra ID (Azure AD) - Enable or Disable Assets
Microsoft Entra ID (Azure AD) - Revoke Users Session
Microsoft Entra ID (formerly Azure AD) - Role Assignment Actions

Manage DNS Services

Actions on DNS related services.

DNS Made Easy - Remove Subdomain

Manage Google Services

GCP - Add or Remove Tags to/from Assets
GCP - Add or Remove Labels to/from Assets
Google BigQuery - Send to Table
GSuite - Add Users
GSuite - Add Users to Group
Gsuite - Delete Extension
GSuite - Remove Users
Google Workspace - Remove Users From Group
Google Workspace - Reset Users Logon Cookies
Google Workspace - Role Assignments Actions
Google Workspace - Send Message
Google Workspace - Change Users OU

Manage Software

Github - Remove User Extensions
ManageEngine Endpoint (Desktop) Central and Patch Manager Plus - Create Patch Action
Tanium - Create Software Deployment


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.