| Type | Description | Required fields | Example |
|---|
| 1 | device_tags | get the device_tags data as dict[str,str] | | | Code Block |
|---|
| get_device_tags:
type: device_tags
name: get device tags
register_to: my_device_tags
go_to: collect_cpu_usage_statistics |
|
| 2 | device_task | run ssh/https command on the device and parse it | | | Code Block |
|---|
| collect_all_cores_for_device:
type: device_task
name: "Find all cores for device"
runner:
type: SSH
command: cat /proc/cpuinfo | grep processor | wc -l
parser:
args: []
method: parse_num_processors
register_to: num_processors
go_to: find_processes_with_highest_cpu_usage |
|
| 3 | if | go to next block based on condition | condition: the boolean condition to check. the condition can use any python statement with the collected args. unlike dynamic strings, the condition arg does not need to be wrapped in {{}}.
then_go_to: name of next block_id to go in case the condition is True
else_go_to: name of next block_id to go in case the condition is False
| | Code Block |
|---|
| check_if_high_average_cpu_usage:
type: if
name: check if high average cpu usage
condition: average_cpu_usage > 1
then_go_to: find_all_physical_interfaces
else_go_to: Retrieve_securexl_status |
|
| 4 | logic | run a python logic on args and return result | args: more args to pass to the parsing name
method: the parsing method name (located in workflow_name.py
register_to: name of the result parameter
go_to: name of next block_id to go
| | Code Block |
|---|
| get_latest_crashed_process:
type: logic
name: get latest crashed process
method: get_latest_crashed_process
args: [core_dump_entries]
register_to: latest_crashed_process
go_to: report_core_dump_detected |
|
| 5 | generate_panos_key | generate a panos api-key | | | Code Block |
|---|
| generate_panos_key:
type: panos_key_generator
name: generate panos key
register_to: api_key
go_to: get_admins |
|
| 6 | conclusion | the conclusion. after the conclusion block, the workflow should end | | | Code Block |
|---|
| report_restart_logs:
type: conclusion
name: System reboot detected
triage_conclusion: |
This device was rebooted due a operation identified on logs:
{{restart_entries}}
triage_remediation_steps: sometimes reboots are needed regarding support or maintenance operations, please check if this is the case. |
|
| 7 | issue_items | Get the issue items as a list of strings | | | Code Block |
|---|
| get_issue_items:
type: issue_items
name: get issue items
register_to: my_issue_items
go_to: run_foreach_issue_item |
|
| 8 | foreach | Go over each issue item | issue_items_arg: argument to pass to each loop step
register_item_to: name of the result parameter
start_block: name of next block_id to go
blocks : list of the internal blocks
| | Code Block |
|---|
| start_loop:
type: foreach
name: start loop
register_item_to: my_item
start_block: check_larger_than_10
blocks:
check_larger_than_10:
type: if
name: check_larger_than_10
condition: my_item > 10
then_go_to: report_more_than_10
else_go_to: report_less_than_10
report_more_than_10:
type: conclusion
name: report_more_than_10
triage_conclusion: '{{ my_item }} report_more_than_10'
triage_remediation_steps: report_more_than_10
report_less_than_10:
type: conclusion
name: report_less_than_10
triage_conclusion: '{{ my_item }} report_less_than_10'
triage_remediation_steps: report_less_than_10 |
|
| 9 | ping (not yet merged) | Ping a target server, returns bool (True/False) for success/failure. Note: ping is from the Indeni server to the target server. | server: IP or address of server to ping
register_to: name of the result parameter
go_to: name of next block_id to go to
| | Code Block |
|---|
| my_ping:
type: ping
name: my ping
server: 8.8.8.8
register_to: my_result
go_to: my_next_block |
|
| 10 | port_check (not yet merged) | Probe a server’s port and get the status. Returns one of 'open', 'closed', 'filtered', 'unfiltered', 'open|filtered', 'closed|filtered' Note: probe is from the Indeni server to the target server. | server: IP or address of server to probe
port: Port of server to check
register_to: name of the result parameter
go_to: name of next block_id to go to
| | Code Block |
|---|
| my_port_check:
type: port_check
name: my port check
server: 8.8.8.8
port: 53
register_to: my_port_result
go_to: my_next_block |
|
| 11 | loop | Perform actions in a loop for each item in an iterable | start_block: The initial block that starts the iteration
go_to: Name of next block_id to go to after all iterations are over
blocks: The list of blocks that that performs actions within the loop
iterable: An iterable variable, which the loop will iterate over
register_iterable_to: Name of the iterable-item
register_loop_results_to: The map(dictionary) containing the results.
| | Code Block |
|---|
| start_loop:
type: loop
name: Loop through my_list items
iterable: my_list
register_iterable_to: my_iterable
register_loop_results_to: loop_result_map
start_block: loop1
go_to: some_other_block
blocks:
loop1:
type: logic
name: multiply by 2
method: multiply
args: [my_iterable]
register_to: multiplied
go_to: end_loop_block
end_loop_block:
type: end_loop
name: this is the end of this loop
iteration_result: iteration_res + 2 |
|
| 12 | end_loop | Marks the end of a loop block iteration and registers the final result | | | Code Block |
|---|
| end_loop_block:
type: end_loop
name: this is the end of this loop
iteration_result: iteration_res + 2 |
|