Asset Actions

Once you have created queries and investigated assets and their adherence to policies, you can perform actions on a single selected asset or in bulk on assets that you select:

Actions are displayed as icons at the right side of the row when you hover over any row in the table. When there are four actions or more, on hover, only the first three Actions are displayed. Click the More Actions icon to see the rest of the available actions. Once you select one or more rows, the available actions are displayed at the top of the table.

1. On an Asset page, hover over a row or select one or more assets, and then click the relevant Actions button, or select it from the More Actions menu.

Axonius supports the following actions:

Add Custom Field

You can add a single custom field to one or more selected assets at the same time.

Learn how to work with custom data, including how to add an existing or newly created custom field to one or more assets.

Tag

Use tags to assign context to your assets for granular filters and queries. Apply new or existing tags to the selected assets. The list of selected tags is applied to all selected assets. Therefore, tagging may result in the removal of existing tags from one or from several of the selected assets.
Refer to Working with Tags to learn about working with Tags on assets.

Delete Assets

On the Assets page, hover over an asset or select assets, and then select Delete <asset> to delete the selected assets from Axonius. Deleted assets may be added again to Axonius if they are discovered in any future discovery cycle.
The action text is according to the Assets page. For example, Delete Devices, Delete Users, Delete Tickets.

Improve Correlation - Link Assets

Manually correlate at least two asset records and consolidate their details into a single asset.

Improve Correlation - Unlink Assets

Undo the correlation on a single asset (with multiple adapter sources) into the constituent adapter sources of that asset. Each individual adapter previously used in that correlation will now present as a single-adapter source asset. For example, if an asset has been correlated from three different adapters, unlinking that asset will result in three different unlinked assets.

Enforce - Create Enforcement

Create a new enforcement set from the Assets pages with a Main Action that runs on the entities that you selected ('custom selection').
When you select this option, a drawer opens that lets you configure the following:

1. Enforcement set name.
2. Main Action - Select an action from the Action Library, to be performed when the enforcement set is executed.

Once configured, click Save and Run to save the enforcement set and generate an enforcement task that will run on the entities you have selected.

For more details, see Creating Enforcement Sets.

Enforce - Use Existing Enforcement

You can run a predefined Enforcement Set on one or more assets.

To run an existing Enforcement Set on one or more assets

1. On the Assets page, hover over an asset or select assets, and then from the More Actions menu, select Enforce> Use Existing Enforcement. A dialog opens for selecting the Enforcement Set to run on the selected assets.
   
2. In the Enforcement Set... search box, type all or part of the Enforcement Set name, and then from the resulting list of Enforcement Sets containing the searched string, select the relevant Enforcement Set name.

3. Click Run. The Enforcement Set runs on the selected assets.
   To learn more, see Enforcement Center Page.

Filter Out from Query Results

Filter out the selected assets from the query results. Once filtered out, the Query Wizard adds a new Filtered out from query result line. Click Clear to restore the filtered out assets.

Export Comparison Report

Select one or more assets to create a comparison report. Refer to Comparison Report for Assets.

Create Ticket

You can create a ticket/incident in a third-party ticketing system directly from an assets table. This shortcut enables you to create an Enforcement Set of the Create Incident or Ticket category for a single or several assets (of the same type) in just one click directly from the asset Actions menu without having to open it in the Enforcement Center. Using this shortcut saves time and effort.
When you click Create Ticket from the assets table More Actions menu, a dialog opens where you can select an EC action. The dialog updates with only the mandatory fields required to create the relevant "Create Incident or Ticket" action. The fields presented are a subset of the fields that are available when you create this Enforcement Set from the Enforcement Center, and should be filled in with the same values as if you were creating the Action from the Enforcement Center itself. You can fill in only the presented fields and immediately create the action, or you can continue to the Enforcement Center to add more configuration. By default, the action connects to the third-party adapter using the adapter connection configured in the system for that adapter. The Jira - Create Issue and Create Issue per Asset need to have a Jira server configured in System Settings > External Integrations > Configuring Jira Settings.
The Actions created from asset tables are automatically placed in the Enforcement Center in the Quick Actions folder.
You can view the details of all tickets created in third-party ticketing systems and view their progress directly from the Asset Profile Tickets tab.

• For a full list of incidents and tickets, see Create Incident or Ticket.
• For Vulnerabilities, the actions listed in Using Vulnerabilities Queries in Enforcement Actions are supported.

To create a ticket/incident directly from an assets page

1. On the Assets page, hover over an asset or select assets, and then select Create Ticket. The Create Incident or Ticket dialog opens.
   
2. From the dropdown, select a vendor and action. The dialog updates with the mandatory fields relevant for the selected vendor and action.
3. Fill in the mandatory fields presented in the dialog (see Creating Enforcement Sets).
4. Proceed in one of the following two ways:
   • Create the ticket directly from the quick Create Incident or Ticket dialog - Click Create. A message appears saying either that the ticket was created successfully or that it failed.
   • Go to the Enforcement Center to configure optional and advanced settings for the Enforcement Set - Click Advanced and enable options and complete fields as required. Then click Save and Run. A notification opens with the message: Enforcement Set was triggered to run. Click Close.

The ticket is saved in the Quick Actions folder in the Enforcement Center.

Open in Graph

You can select individual assets in one of the asset tables and view these assets in the Asset Graph. This way you can start an investigation directly with known assets. This is one of three ways to open the Asset Graph. All actions are available as in any other entry into the Asset Graph. See Asset Graph for complete details about using the Asset Graph.

To select assets in an asset page and open them in the Asset Graph:

1. On the Assets page, hover over an asset or select assets, and then from the More Actions menu select Open in Graph.

   

   The first breadcrumb in this case is Selected Assets. Further filtering or other investigation steps will be listed afterwards.

Open Asset Profile Page in New Tab

You can open the relevant Asset Profile page in a separate tab. From the More Actions menu, select Open <asset name> Profile. For example, on the Devices page, from the More Actions menu, select Open Device Profile.