- 15 Oct 2023
- 2 Minutes to read
- Print
- DarkLight
- PDF
Quest KACE - Run Script
- Updated on 15 Oct 2023
- 2 Minutes to read
- Print
- DarkLight
- PDF
Quest KACE - Run Script runs a KACE script on each of the assets that are the result of the saved query supplied as a trigger (or devices selected in the asset table).
See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.
General Settings
- Enforcement Set name (required) - The name of the Enforcement Set. A default value is added by Axonius. You can change the name according to your needs.
- Add description - Click to add a description of the Enforcement Set. It is recommended to describe what the Enforcement Set does.
- Run action on assets matching following query (required) - Select an asset category and a query. The Enforcement Action will be run on the assets that match the query parameters.
- A query only returns results for the asset type it was created for.
- Not all asset categories are supported for all Enforcement Actions.
- See Actions supported for Activity Logs, Adapter Fetch History and Asset Investigation Modules
- See Actions supported for Vulnerabilities.
- See Actions supported for Software.
- Action name (required) - The name of the Main action. A default value is added by Axonius. You can change the name according to your needs.
- Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.
- Use stored credentials from the Quest KACE adapter - Select this option to use the first connected Quest KACE adapter credentials.NOTE
- To use this option, you must successfully configure a Quest KACE adapter connection.
- The user name and the password used for the adapter connection must have the Required Permissions to fetch assets.
Required Fields
These fields are required to run the Enforcement Set.
Script ID - The ID of the KACE script to run.
- Identify the correct Script ID
Instance Name - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.
Additional Fields
These fields are optional.
Connection Parameters
When Use stored credentials from the Quest Kace adapter is toggled Off, these fields are required:
- KACE SMA Domain - The hostname of the KACE Systems Management Appliance (SMA) server.
- User Name and Password - The user name and password for an account that has permissions to run scripts on machines.
- Organization Name - The organization name. If the KACE Systems Management Appliance (SMA) appliance is configured for multiple organizations, The connection is limited to a single specified organization for the requesting user.
Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
HTTPS proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.
HTTPS proxy User Name - The user name to use when connecting to the server using the HTTPS Proxy.
HTTPS Proxy Password - The password to use when connecting to the server using the HTTPS Proxy.
APIs
Axonius uses the KACE Systems Management Appliance (SMA) API.
Required Permissions
The user account specified must have:
- Administrator role to run scripts.
- Select the Manage Device Access option:
Required Ports
Axonius must be able to communicate with the value supplied in Hostname or IP Address via the following ports:
- TCP port 443
For more details about other Enforcement Actions available, see Action Library.