Skip to main content
Sign in

Creating workflows for Fleet assets

  • April 17, 2024 08:18
  • Updated

Let Oomnitza be your single source of truth!

You'll get visibility of Fleet host information as data from Fleet is automatically transformed into consumable information and actionable insights.

Connect Oomnitza and Fleet in minutes

Get the information and insights that you need by creating configurable workflows for:

  • Getting detailed host information, including mobile device management details.
  • Deleting a host

Before you start

Before you can create workflows with Oomnitza, you need to have added your Fleet credentials to Oomnitza and set your domain as a global variable. We recommend that you also create an extended integration for Fleet assets. You can use the information retrieved in this integration to trigger workflows.

Related Links

small_blue_link.svgAdding your Fleet domain as a global variable

small_blue_link.svgAdding your Fleet credentials to Oomnitza

small_blue_link.svgCreating an extended integration for Fleet assets

Create user workflows

To create a user workflow, you must complete these steps:  

  1. Click Configuration > Workflows 
  2. Click Add (+) and select People from the list.
  3. Drag and drop the API block onto the Sandbox.
  4. Click Edit on the API block and enter FleetDM in the search field. 
  5. Select a preset:
  6. To choose a preset, click the forward arrow (>).
  7. Select the credentials that you created earlier.
  8. Enter any mandatory information when prompted.
  9. Select Advanced Mode.
  10. Select the Response tab. You can map the entire response by placing {{response}} in the Response field and mapping it to a custom long text Oomnitza field, such as API Response. Once you have the entire response, you can then parse the JSON response values to custom Oomnitza fields, as per the example below.
  11. Connect the Blocks. 
  12. Save, validate, and activate your workflow.

generic_response_mapping.PNG

Using the Get Host MDM (mobile device management) Information preset

The Get Host MDM Information preset retrieves a host's MDM enrollment status and MDM server URL.

The host to be retrieved is referenced in the Advanced Mode > Information tab in the property{{fleetdm_host_id}}.

This action is supported on Windows and MacOS only. On MacOS this requires the macadmins osquery extension which comes bundled in Fleet's osquery installers.

If the host exists but is not enrolled in an MDM server, then this API returns null.

small_blue_link.svgFleet API Documentation: Get host's mobile device management (MDM) information

Using the Turn Off MDM For Host preset

The Turn Off MDM For Host preset turns off MDM for a specific host.

The host to be turned off is referenced in the Advanced Mode > Information tab in the property{{fleetdm_host_id}}.

small_blue_link.svgFleet API Documentation: Turn off MDM for a host

Using the Get Host Details preset

The Get Host Details preset gets the details of a specified host.

The host to be retrieved is referenced in the Advanced Mode > Information tab in the property{{fleetdm_host_id}}.

small_blue_link.svgFleet API Documentation: Get host.

Using the Delete Host preset

The Delete Host preset deletes the specified host from Fleet.

Note
A deleted host will fail authentication with the previous node key, and in most osquery configurations will attempt to re-enroll automatically. If the host still has a valid enroll secret, it will re-enroll successfully.

The host to be deleted is referenced in the Advanced Mode > Information tab in the property{{fleetdm_host_id}}.

small_blue_link.svgFleet API Documentation: Delete Host.

articles_icon.svg Reference articles for workflows

Related articles

Comments

0 comments

Please sign in to leave a comment.