What is Automations?
Automations in Level allow you to:
- Automatically apply policies (monitoring and patching) to devices: Set rules to ensure that all your devices are covered with the appropriate policies as soon as they are added to Level.
- Run tasks on a schedule: Schedule recurring tasks like backups, updates, or system checks to run automatically at specified intervals.
- Perform tasks based on events: Trigger actions based on specific events, such as when a new device is added, tags are applied, devices change groups, monitor indicates an issue, a policy fails, or a system metric crosses a threshold.
Automations are the answer to keeping your IT environment running smoothly with minimal manual intervention.
Let's Start with Automatically Tagging Devices
One of the most powerful uses of automations is automatically tagging devices. By tagging newly created devices, you can automatically apply monitoring and patch policies to those endpoints. Moreover, these tags can trigger subsequent automations, such as installing specific software when a device is tagged as "Windows."
Default Tags Automation
Level includes a "Default Tags" automation that helps you get started. This automation automatically tags devices based on their type, such as "Workstation" or "Server." Let’s take a closer look and tweak this automation to better suit your needs.
Customizing the Automation
- Review Tag Workstation & Server: Start by reviewing the default tags for workstations and servers. Ensure these align with your current environment.
- Add Apply Tags Action:
- Configure Level to automatically tag Windows endpoints with the "Windows" tag.
- Add another "Apply Tags" action to automatically tag macOS endpoints with the "macOS" tag.
- Finally, add an "Apply Tags" action to automatically tag Linux endpoints with the "Linux" tag.
- Set Conditions: Don’t forget to add conditions to each action to ensure tags are only applied to devices that match the platform you are targeting.
These actions will not only help in organizing your devices but will also allow you to trigger further automations based on these tags.
Handling One-Off Monitors or Patch Overrides
If you need to apply specific monitors or patch overrides that don't fit into your standard automations, you have a couple of options:
- Targeting Groups to Apply Tags: You can create groups based on different criteria (e.g., "Production," "Nginx," "Exchange") and apply tags to these groups manually or automatically.
- Conditional Tagging Based on Shell Actions: Use a shell script that determines whether a tag should be applied based on the script’s success or failure. If the script exits with an error, the tag won’t be applied. If it exits successfully, the automation will continue with the tagging step.
Note: We’re currently working on adding support for variables and custom fields. This will provide even more dynamic control and simplify handling multiple conditions within a single automation.
Automation Example - Windows Setup
Let’s create an automation that configures a new Windows device automatically.
Trigger
Select the "Tag applied" trigger, and create or use a tag like "Setup."
Actions
Now, let's set up this Windows device by choosing the Actions that meet your endpoint setup requirements.
Here are some suggestions to get you started:
- Add Admin Users
- Join to Company Domain
- Enable/Configure the Firewall
- Install & Configure AV
- Install Office (See Install Office Action)
- Install Standard Software (See Winget Action)
- Check for Updates (See Windows Update Action)
- Windows Defender Update (See Windows Defender Actions)
- Windows Defender Scan (See Windows Defender Actions)
- Apply Tags (apply security and monitoring policies)
- Restart
This automation ensures that every Windows device is consistently configured according to your standards right from the start.
Automation Example - Weekly Security Check
Let’s create an automation that runs a weekly security check to ensure your systems are healthy and secure.
Trigger
Select the "Weekly" trigger and configure the day and time (e.g., Sundays at 4 AM).
Tip: If needed, use a conditional to limit the devices that enter this automation to ensure only relevant systems are checked.
Actions
Here are some actions to include in your weekly security check automation.
- Update Windows Defender: Use the Windows Defender Action to ensure the latest definitions and updates are applied.
- Windows Defender Scan: Run a full system scan using the Windows Defender Action.
- Upgrade 3rd Party Packages: Use the Winget Action to upgrade all third-party packages installed on the system.
- Install Windows Updates: Use the Windows Update Action to apply any pending updates to keep the system secure.
- Run a Security Audit Script: Create a script action that checks critical security components, including:
- Security Center settings
- Antivirus (AV) status
- Firewall configuration
- Admin users on the system
- Check SMART Disk Health & Disk Errors: Run a script action to check the SMART status of disks and scan for any disk errors.
Regular automated checks like these help you catch and address security issues before they escalate into major problems, keeping your IT environment secure and running smoothly.
Automation Example - User Approval Reboot (Uptime and Tag)
Discover how Level simplifies one of IT's most common tasks - device reboots.
In this video, we demonstrate two powerful methods to manage reboots efficiently:
- Schedule a Reboot: Learn how to set up hassle-free, after-hours reboots for seamless updates and maintenance.
- Immediate reboots with user approval: See how to initiate urgent reboots while keeping your end-users in mind.
Take your IT management skills to the next level with Automations. In this video, we dive into smart, automated reboot strategies that keep your systems running smoothly without constant manual intervention. Learn how to set up two game-changing automations:
- Uptime-Based Reboots: Automatically reboot devices that have been running too long, maintaining peak performance.
- Windows Update Reboots: Let Level detect when Windows needs a restart and handle it intelligently.