Kaseya VSA: Patching Management – Patching Configuration Report

https://www.youtube.com/watch?v=VUKpZVfHc9Y

MSP Consultant Tobin Carpenter goes over how to create a report to assist you in easily seeing the Patch Management settings for each machine in your environment. This is extremely useful to ensure each machine is configured for patching correctly and quickly. Click on ‘Show More’ to read the step-by-step transcript to follow along with how to do this in your VSA.

Step by Step:

  1. Today I'm going to go over how to create a report to assist you in easily seeing the patch management configurations for each machine in your environment. This is extremely useful to ensure each machine is configured for patching correctly and quickly let's do it.
  2. Let's go ahead and head to info center and reports you can see I have this report called patch configuration test that I've already made.
  3. But in order to create this report select the folder that you want to created in, select new, and select report the new report window will open.
  4. Go ahead and name your report. 
  5. Select general and select excel as the report format.
  6. Head back to the layout tab and we need to add three report parts to this report with each being a table select expand report parts and expand patch.
  7. We're going to drag in patch configuration, patch policy member, and patch status by agent.
  8. Let's open up patch configuration and from the columns table we're going to select the following columns: machine id, group name, operating system, windows update automatic windows, automatic update configuration, and reboot action description.
  9. Select next, next, and finish.
  10. Then let's head to patch policy member and select the columns machine ID and policy name.
  11. Select next, next, and finish.
  12. And the last one patch status by agent.
  13. Select the columns machine ID, next scan, scan recurrence auto-update recurrence, and next auto-update.
  14. Select next, next, and finish.
  15. Select save.
  16. And now we need to run our test our report make sure you have the report selected, select run now and what I like to do with this is I like to run it on two different runs one for all servers and one for all workstations that way you can have this information divided so that when you present it to your client it's orderly.
  17. So, let's select the view that you use for all workstations, select submit, allow this a moment to create the report.
  18. This report can take a little while to create depending on how many agents you have in your environment.
  19. So, let's open the report and we're going to have something that looks a little bit like this.
  20. So, you're going to have your patch config top it has your group name, operating system, Windows, automatic update configuration, reboot action description. 
  21. Down a little bit farther you're going to see our patch policy member section with your policy name.
  22. And then at the very bottom you're going to have your patch status by agent with the details that we've added there.
  23. What you want to do or what I do is I create another sheet and I copy all of these details into the other sheet. Then I scroll down to the next section and I copy everything except machine ID.
  24.  I do that for the last two sections, that way you're not having multiple fields with the machine ID.
  25. Then I take that information and I format it as a table so that we can now filter the information.
  26. So, this is what you'll end up seeing you'll have something that looks a bit similar to this you can further review this information by adding pivot tables so that you can further filter this information a little easier for it for your clients. 
  27. That's how you make that report.

LEARN MORE

ConnectWise Automate: Utilizing Limit to Search

https://www.youtube.com/watch?v=Mcvd7evuMtQ

Let's review an underutilized piece of groups. Using the Limit to Search feature, we can further schedule scripts or apply remote monitors to a search within a group.

In this video, we go through where these are found and how to set up a limit to search within a group. This is super handy when keeping your remote monitors and scheduled group scripts organized. We can apply these scripts and monitors to your main service plan groups, but limit which machines get targeted. Click on ‘Show More’ to read the step-by-step transcript to follow along with how to do this in your Automate.

Step by Step:

  1. Today I wanted to go over scheduling monitors and or scripts based on a search on your surface plans let's get into it.
  2. So, we all have kind of dealt with some service plans if you at least probably heard the phrase the name itself is more or less an arbitrary group name. 
  3. It kind of just has some setup and predefined settings with the ignite setup and kind of the integration into Automate and so when you click things like your onboarding and patching it comes down into a service plan group here.
  4. So again this is under the groups tab, scroll down to service plan,s and you have your two groups here for servers and workstations.
  5. What I'm going to do is open up the service group here and once this loads, so we've got some information we've got the group name, the search and everything and how it's basically making this group.
  6. What I want to do though is come over to computers and either scheduled scripts or remote monitors whichever kind of you're wanting to do.
  7. And something that gets left out is this limit to search ability so one thing that's kind of nice on the first initial setup of Automate is specifically coming under remote monitors here.
  8. A lot of these services down here that say something like s-bam or even like AVG or you know DFS or DFSR these are actually limited to anywhere where those services are detected.
  9. So, it's not just every server or every machine that's in this group it's limited to the ones that only have it to then apply the monitor, to get it fixed, or auto restarted, or however, you want it to do something in return.
  10. So, what I want to do is maybe make something like this but I'm pushing a Chrome update or pushing a Chrome install.
  11. And what you want to do here is you want to first make the search so come under automation, searches, come down to advanced searches you'll get a window that looks something like this it might be smaller bigger whatever your window looks like.
  12. I've tossed in a quick search here but basically all I’ve done is click the plus sign to drop down a new line.
  13. If I click on the blue like hyperlink text these are more or less your computer columns in the Automate database and so in this case I'm looking at the computer applications column and then I'm looking at the actual name and I just want to say anywhere where it contains the word Chrome because maybe I'm pushing out either Chrome for Mac and Windows or just Windows however you want to do it.
  14. But what I would do is I would save this so what I can do is just say you know like custom slash and this is just kind of a folder thing you don't have to do that maybe I just want to call it Alex's Chrome search and give that a save.
  15. It'll do like a quick reload you might even get a SQL spy you'll get this pop-up that says refresh searches may take up to a minute that's fine.
  16. So, if I move this off my window here of course we'll be loading the cache what I want to do next depending on if I’m doing a script or monitor in this case, I’m going to be doing a script because I want to be pushing where that is either found for an update.
  17. So, what I would do is come over to scripts I would find my install script let's just say it was a custom OneNote install that looks like we have in our database here. What I can do is then on my limit to search and it may not show up because I didn't actually close this window which you may find if you're doing it kind of following along here.
  18.  If I come down to the top here none of these have folders or I should say they're labeled as folders and that's what the name slash is a folder ID.
  19. So, I don't see Alex's search up here so what I'm going to do is close and reopen the group, computers scheduled scripts, make sure my group's here yep Alex's chrome search, pick my script and once you hit schedule, it will pop down here so I can just hit add, and there's my schedule.
  20. And then on the left-hand side here it will actually tell you the search that it's limited to so, anywhere where that chrome is found it would then push that script that I have chosen to fix it.
  21. In this case I don't want that to actually run I know these are just dev machines but it's worth deleting.
  22. And then same thing for remote monitors and this is always my personal recommendation if you're going to make a service don't just monitor any automatically started services because those can get very noisy.
  23. Find the services that you do want to monitor maybe it's your anti-virus or print spooler for example and I think that one's even one that's by default here.
  24. But find the service you want build the monitor, so under details find the service do all of that and then limit it to where that service is actually found because you don't want it to just alert on service missing if it's not actually there.

LEARN MORE

Kaseya VSA: Basics – Custom Fields

https://www.youtube.com/watch?v=ZuroxSTcpuE

ProVal Tech’s expert Dan is back to over Kaseya VSA Custom Fields with you all. Click on ‘Show More’ to read the step-by-step transcript to follow along with how to do this in your VSA.

Step by Step:

    1. A custom field is simply a column that we can add to an organization or machine to provide custom information in key-value pair format.
    2. This information could be input by hand, filled by a procedure, or even by API scripting.
    3. These fields allow us to automate and report more efficiently and to a higher degree of customization than the default fields allow.
    4. There are two types of custom fields that we can create and modify within Kaseya, organizational custom fields and machine custom fields.
    5. Let's start with a brief description of org fields organization.
    6. Organization Custom fields are key value pairs that exist for every major organization within the VSA. These can be used within the agent feeds procedures and API calls to gather information about the organization that is not provided by default through other methods.
    7. Existing organization custom field data can be viewed manually by going to system, orgs, groups, department, staff, manage.
    8. Here if we select the organization that we want to view and click the custom fields tab at the top we can see the existing values. We can also edit the values of existing fields here.
    9. Note that you can't create new custom fields in this screen.
    10. In order to create a new org custom field we have to go to system, customize, site customization.
    11. Here we click on the org custom field title column.
    12. Now we select an empty line here below the last entry, we can click on that empty line and then we click edit.
    13. Here we're going to create a new custom field called is internal so that we can see using these fields if the organization itself is our internal organization or not.
    14. Now when we go back to orgs and manage and click on the custom field tab we can see the new field we just created.
    15. Let's select our ProVal organization.
    16. Then select the new custom field and then type yes.
    17. Now we have an org custom field so that denotes that this org is our internal organization.
    18. Next let's discuss machine custom fields like org fields machine custom fields allow us to set a key value pair of custom data that is not necessarily available by default.
    19. The big difference here is that these field values can be customized on a per agent basis instead of just one entire org field.
    20. To view and modify machine custom fields we need to go to audit, view individual data, machine summary.
    21. On the summary tab here if we scroll down we can see all of our machine custom fields that we've created over the years.
    22. And unlike org custom fields we can easily add, edit, remove, do anything we want with these custom fields directly from this page.
    23. A note that when you do add a new machine custom field to an agent that custom field will be available on all agents within your VSA.
    24. Let's add a new custom field now.
    25. First click on new custom field.
    26. Next we'll think of a good name for our field I’m going with test environment since I need to configure these new dev machines I recently set up.
    27. Next under custom field type, select the appropriate type of data that will be entering that field nine times out of ten I end up choosing string here.
    28. Great now that our custom field is set up I can modify the value of the field by clicking edit machine data, finding the new field in the list, modifying the value of the field, and clicking save.
    29. Now we can see that our agent has the correct information in the custom field that we've just created we can also change custom and field information by using the update system info function in an agent procedure or by making an API request.
    30. We can also see that this same custom field is available for all of these other agents as well.
    31. Now this custom field will be accessible in the same way that other machine audit information is. For example, let's create a new view that just shows us all of these development environment machines at a glance.
    32. So, we want to go up here and click on new view then we'll click save as and name this view dev machines.
    33. All right now let's go down to define filter.
    34. In this new list that appears we can see our custom field here. We want to filter for any machine that has yes in that custom field just like I typed earlier when I was creating the custom field and putting value in it.
    35. All right let's apply these changes and now we'll save the view.
    36. Okay let's close the window and go to our manage agents module.
    37. Now when we select our new view here which we can easily do by type again, we can see the one machine that we set that yes value for is listed in this view.
    38. Now later on I'll go through and I'll set yes manually for all of my other development machines and I'll have a nice easy list of development machines that anyone using the VSA can use at a glance.
    39. That's all I wanted to show you today but keep in mind that custom fields are pivotal in customizing your VSA experience and are extremely powerful in views, policies, reporting, and more.

LEARN MORE

ConnectWise Automate: Patch Approval on Zero-Day Patches

https://www.youtube.com/watch?v=K_W_pWk2Mb4

Pushing patches through for Zero-Day can be tricky through Patch Manager. Especially if you have a stage delay setup, you'll want to push them to production right away to get them installed during the next patching cycle. Let ProVal Tech's MSP Consultant Alex show you the way! Click on ‘Show More’ to read the step-by-step transcript to follow along with how to do this in your Automate.

Step by Step:

  1. Today I wanted to go over how to get a patch pushed out to your clients.
  2. So, once you log into the patch manager here you come over and make sure that you either do or do not have a stage delay, if you do you will likely have a secondary step to get some of these zero-day patches out first. 
  3. So come over to the configuration screen.
  4. First, we'll check to make sure that we do have a stage delay in our environment.
  5. I’ll come down to approval policies, I have a default policy here it does have a stage delay with the requires routine approval it has a six day wait plus a six day wait so I’m waiting day of release plus six days, plus six days then into production some of these zero-day patches you went out first basically as soon as humanly possible or as soon as automatic automatically possible.
  6. So, we'll come over to the patch approval screen so the top right the checkbox will have a red dot most likely next to it.
  7. Once all these patches load here, I’m going to filter out by the patches that I have set.
  8. So, I just right-click contains, and then I’ll pick the dropdown user that I’m using.
  9. I hit apply and I haven't approved anything through this account yet but let's say this top one here was a zero-day patch and I want to get it pushed out, I will hit approve it will come down here towards the bottom, it will say approval setting. Approve, install is the action and of course, it's set by me and then it does say approval policy.
  10. It's set on the default policy here means I didn't go through and approve it to a bunch of policies on the left it's just the one and that's okay.
  11. You'll notice that if I didn't scroll to the right there's a secondary area that’s hidden.
  12. If you have a stage delay it will be hidden, this scroll bar will appear you have to scroll to the right and right now if I don't do anything it will wait the six days and then the six days and then push out to production so all I have to do is scroll to the right left, click on test set to production, and click ok.
  13. Now once that kicks through you'll actually see the stage say production and now I can't go back there's no undoing that or sending it back to a test or pilot which is fine. They are still considered a production machine if you push it out that quickly it will then get deployed to any machine that is basically getting patch approved.

LEARN MORE

Kaseya VSA: Software Management – Creating Scan Analysis Profile

https://www.youtube.com/watch?v=uL4A92_wvTU

This week Dan provides a brief summary of how to create a Software management Scan & Analysis profile in the VSA. Click on ‘Show More’ to read the step-by-step transcript to follow along with how to do this in your VSA.

Step by Step:

  1. In celebration of the official release of software management 2.0 I’d like to show you all how to create some basic profiles.
  2. In this video, we will be exploring creating a basic scan and analysis profile let's get into it.
  3. A scan analysis profile is used to determine how an endpoint gets its list of available patches.
  4.  In the profile we can set approval rules, third-party software patching if you have the appropriate licensing from Kaseya, pre-and post-scan procedures, and scan schedules.
  5. As far as best practice goes, we typically recommend having a blanket scan profile for most of your endpoints.
  6. Set the scan daily you can create multiple profiles if you want to target different approval rules and different groups however and remember that the scan schedule doesn't impact the deployment schedule which we will.
  7. Let's make a scan and analysis profile now.
  8. To create as new scan and analysis profile navigate to the software management profile, then to profiles, then to scan and analysis, then click new at the top left.
  9. First, we want to assign a profile name make sure the name is descriptive to the type of profile that you want to create.
  10. For example, our profile is going to target domain controllers, so we'll want to name this profile domain controller patch scan.
  11. Next, we can assign a patch engine to determine how the scan and analysis profile will pull the data for available patches the two applicable settings that aren't deprecated are Kaseya 2.0 and OS native.
  12. We typically recommend Kaseya 2.0 as it still uses the OS native patching engine but allows us to control the scan results more easily as well as deployment.
  13. This does require we create a deployment profile as well which we will do in our next video.
  14. If you select OS native, you don't need a deployment profile, but patches will be deployed by the OS directly and you won't be able to control things like when the machine patches or when it reboots.
  15. Next, we want to determine which approval policies we want to set in the OS patches impact rules section.
  16. We typically recommend leaving these default, but in our case, we really only want to apply the most critical patches to our domain controller to prevent frequent interruption in our production environment.
  17.  Here I will set recommended to review, I can come back later after the scan and review any patches that aren't critical for application.
  18. Here you can set third-party patching profiles which patches third-party software if you have any available and if you have the necessary licensing in Kaseya.
  19. You can also schedule a procedure here in this section to run before or after the scan.
  20. For example, you can set a pop-up to appear on the endpoint when you start the scan to warn the end-user of possible performance impacts. (Since this is targeting a server I don't really need to do that.)
  21. Now the scan section here is incredibly important I want my scans to occur daily on this machine, so I set the time frame to daily to run once every day at noon.
  22. The distribution window here is the time frame in which all endpoints assigned to this profile will scan.
  23. If you have a large amount, of endpoints assigned to the scan and analysis profile you may want to increase the time frame so that all of your agents aren't scanning simultaneously.
  24. It'll kind of stagger them out over the entire course of that distribution window that you've set.
  25. Since we have a small set of domain controllers one hour should be some should be pretty fine.
  26. Now finally we want to tell the policy whether or not it should run as soon as an offline agent that's missed its window comes back online.
  27. We can set this property using the skip if offline checkbox if this is checked the scan will not occur when the machine comes online after missing its schedule.
  28. Now we're scheduling this scan daily for our domain controllers, so I think it's fine that we don't immediately run a scan if it happens to be offline during its schedule. So, we'll go ahead and check this box.
  29. This other box here power up if offline simply sends a wake on LAN request to the machine if it's offline at the scheduled scan time.
  30. All right we saved this and that's about all we need to do to create this profile.
  31. Applying this profile should ideally be done within a policy in the policy management module which we'll cover at a later date in more detail, but you can explicitly assign endpoints here in the software management module as well.
  32. Well, that's the basics of creating a software management profile.

LEARN MORE

ConnectWise Automate: Scheduling Scripts Against Groups WebCC

https://www.youtube.com/watch?v=2nqACN7GXok

Let's take a look at scheduling scripts in the Web Control Center for Automate. Since Patch 2022.4, we have some capabilities around group management and one feature is the ability to schedule scripts around groups. Click on ‘Show More’ to read the step-by-step transcript to follow along with how to do this in your Automate.

Step by Step:

  1. Coming back kind of where I picked up on a previous video here.
  2. I've just come down to the group section on the top left, come down to a managed service plan. For example, I’ve left-clicked so now I can see all the scheduled scripts I just picked the schedule script tab here.
  3. And so as I’m scheduling another script maybe I want this to run x number of times before it just kind of expires.
  4. What I’ll do is I’ll select my script and one nice thing that they've done in patch 4 is they've included subgroups.
  5. If you scheduled something on all clients, or a top-level all windows service plans, or the windows server group it would then do an inherited scheduled run against everything down. That is not quite the same as the thick client so just keep that in mind as you're scheduling things online.
  6. In this case I do want it to run on a recurrence, so I do want to click the schedule recurrence bottom left button.
  7. If I want it to run every five minutes, pick the date, and then because we're doing it on a limited run if you scroll down there is a set expiration so I can set this to expire today to you know three months from now, four months from now give it a date.
  8. The thick client allows you to do something a little differently where you can say set number of times to run.
  9. In the web client currently, we can only set an expiration date which again is just fine but once I do that when I hit schedule, we'll give this a quick second to load thankfully it's a little bit faster than the thick client has been in the past.
  10. I’ll just hit refresh to make sure it shows up here.
  11. It looks like my user doesn't have the capability to schedule scripts against this group.
  12. That's fine it should show up right away on the first run here if it doesn't recommending it to reload waiting about five or ten minutes for it to actually schedule against the group.
  13. Then once it's in there you can see that it's set to enable disabled that's something new and the web client that you can do you can give it the schedule type, you'll be able to see that when it runs.
  14. And then the advantage is we can see the next time it will run which is handy just as a quick glance of, oh this will run in four hours versus running you know daily we kind of don't know unless you guess based on the actual next run date or date-time stamp.

LEARN MORE

Kaseya VSA: Software Management – Creating Deployment Profiles

https://www.youtube.com/watch?v=gbBtelNmaIc
ProVal Tech’s Consultant Dan shares with you how to create deployment profiles for software management in your Kaseya VSA. Dan shows you how to create a deployment profile, name it, configure it, how to reboot it, schedule your deployment and much more. Click on ‘Show More’ to read the step-by-step transcript to follow along with how to do this in your VSA.

Step by Step:

  1. In celebration of the official release of software management 2.0 I’d like to show you all how to create some basic profiles. In this video, we'll be exploring creating a basic deployment profile for software management let's get into it.
  2. A software management deployment profile works with the scan and analysis profile scan results that we created in the previous video to deploy the patches to the endpoint. The process of creating an employment profile is very similar to that of a scan and analysis profile.
  3. Let's create a new deployment profile now every endpoint that you target with a deployment profile must also have an assigned scan and analysis profile or the machine will not patch.
  4. Let's create a new deployment profile to do so we need to navigate to software management, profiles, deployment, and click new at the top left.
  5. Now just like we did before we start with a good name for our profile. Since we're going to pair this deployment profile with the domain controller scan analysis profile that we created in the last video together. Let's name this domain controller deployment profile.
  6. Next, we can set our reboot options - these options allow us to fine-tune when the machine can reboot after a patch is applied. You'll want to make a judgment call on this depending on what type of machines you are targeting, client specifications, and other reasons that you need to reboot.
  7. Since I’m configuring this for our domain controllers let's set this to warn any logged in users providing them with five minutes to save and close before the automatic reboot occurs and if no one is logged in force an immediate reboot on the endpoint, again you can configure these however you need for the environment.
  8. Next just like with our scan analysis profile we can schedule procedures to occur on the endpoint here. Though we can choose to fire a procedure off before or after both the update or the reboot.
  9. The schedule window here is identical to that of our scan and analysis profile but we'll want to set it up a bit differently. Be sure to discuss the deployment schedule with your client to determine what best works for them in their environment.
  10. Consider the reboot actions that you're setting as well when configuring your schedule. In our case I’m going to schedule these updates to occur once weekly on Sunday at 10 p.m.
  11. Since we're only affecting a few end points we can leave this distribution window here to one hour, also the same as before is our execution options this time since I’m only scheduling deployment for once per week I do want the machine to patch, if it happens to be offline during its deployment scheduled window we'll leave skip if offline unchecked here so that patches deploy as soon as it comes back online.
  12. We'll also send a wake on LAN packet to the machine when it's time to patch just to see if we can't prevent that missed window altogether.
  13. Now you'll notice this last option here blackout window is something we didn't see in the last profile we created. This is an easy way to provide exceptions to the above schedule in case you have critical times that you don't want your machines to patch. This is especially useful if skip if offline is not checked.
  14. I really don't want our domain controller to be patching when I come in on Monday morning so I’m going to set a blackout window to prevent patching during our business hours. Simply fill in the start day, start time, end day, and end time here in this row you can also select every day instead of a specific weekday if you want.
  15. Now some of our sharper viewers will notice that this configuration did not allow us to blackout daily business hours but allow patching in the morning or evening and on weekends and you'd be correct. In this case, we want to create one row for each day that you want to blackout hours for. For now, we'll just leave this to Monday, so I’m going to just enter Monday at 8 a.m. and Monday at 6 p.m. and now we're set to blackout the day of Monday during our business hours and we'll just repeat this for each blackout window you want to set for each day.
  16. Then we just save, it we say yes, and we do also want to mention that like our scan analysis profiles we want to schedule this via policy in most cases but again you can configure specific endpoints and assign them to this profile if needed.
  17. That's the basics of creating a software management deployment profile.

LEARN MORE

ConnectWise – Recommendations to Drive Space Monitoring

https://www.youtube.com/watch?v=q32-afzIomU
ProVal Tech’s Consultant Alex goes over recommendations to drive space monitoring in your ConnectWise Automate. Alex found out about SQL statement that we can utilize inside of a Drive Space monitoring that is super simple to set up and tweak to your needs. Making a LEAST statement choose between 2 values allows you to more dynamically adjust what you're alerting on. In this video we review an example change to the drive space monitoring defaults to look for either 10% or 20GB free and choosing the least of the two values to reduce improper alerts. I.e. getting only 10% alerts would cause 400GB alert on a 4TB drive, so we can choose 10% or 20GB and whichever is the least (in this case 20GB) and alert on that number. Click on ‘Show More’ to read the step-by-step transcript to follow along with how to do this in your Automate.

Step by Step:

  1. Being able to detect drive space based on percentage or a specific amount using one of the default monitors.
  2. Once you have Automate open come over to your automation monitor section.
  3. Once that opens up look for the DRV or Drive Monitoring you will likely especially if you haven't done anything custom you'll likely have these in here minus the top of course.
  4. If you come down to either the 15 or 2 gig either one is fine definitely do a copy.
  5. I will hit right click come down to copy monitor let this reload.
  6. Open up my copy of the same monitor and you do that as we all know because if you update ignite or update anything that could reference this monitor it will just overwrite your settings.
  7. Once we have it open here definitely rename it so I’ll call it less than 10 percent or 20 gigs that way I just know exactly what it is.
  8. You can probably rename this to be a little more accurate but one thing it's really easy to change.
  9. What you're looking for is inside of this result section - right now this is saying the drive size minus 10 percent or I should say is calculating 10 percent and that's what you're comparing it to.
  10. One thing we can do is take advantage of a SQL command called least so you just type least in all caps do a parenthesis because you're going to reference multiple values and so, in this case, I have my 10 value already all I have to do is put a comma and then the gigs that I’m comparing it to it's kind of a weird way to say gigs but in this case, I’ll just say 20,000.
  11. I know that's not exactly 20 gigs but it's close enough for the example here close my parentheses and so now I have two values of I’m either selecting 10 percent or 20 gigs whichever is the least of those two values that's what I’m going to alert on.
  12. The rest of this monitor here it's referencing the drive letter which is good to have and then we're looking for anything greater than 16 gigs as a drive anyway and then excluding things that are all of these file types and the drive space, in this case, we're also doing less than two gigs so I can leave this or I can remove it.
  13. Of course you do want to leave the and missing here equals zero otherwise you're going to get false alerts on USB drives that somebody has made may be pulled out .
  14. If I hit build a view this will run through and anything that's either 10 percent or 20 gigs well then alert and in this case we have looks like two servers here it tells me what drive letter and then when I come to the alerting just have it set to the default create ticket and you're good to go.

LEARN MORE

Kaseya VSA Basics – Live Connect

https://www.youtube.com/watch?v=JZtQWutj7Jw
ProVal Tech’s Consultant Dan is going to go over Live Connect with you. Dan shows you how to access multiple tools and navigate your way through Live Connect. Click on ‘Show More’ to read the step-by-step transcript to follow along with how to do this in your VSA.

Step by Step:

  1. I wanted to go over Live Connect how to install and use it as well as its several modules.
  2. Live connect is one of the most important aspects of delivering help desk level service to end clients within your VSA and is very powerful.
  3. First let’s install Live Connect if you have never used Live Connect you will be prompted to install the software on your endpoint during your first run.
  4. The best way to access this and to access live connect in general is on an endpoint by using the Quick View window.
  5. First access the manage agents module select, an agent, and hover over the agent status icon.
  6. Once you open Quick View click on Live Connect then click on the download latest version link.
  7. Now when you open Quick View and click Live Connect a new window will open make sure to tell your browser to trust this page to open that application before moving forward.
  8. Now the Live Connect window can be a lot the first time you see it but let's tackle each screen one by one.
  9. The first screen you'll see when you open live connect is the asset summary page this just provides a nice amount of info at a glance as well as a snapshot of the current endpoint state if you’re familiar with Quick Connect you'll recognize the agent procedure section here which works the same way as in quick connect.
  10. Double-clicking in the snapshot here will launch remote control. Here in the remote control window you'll see that we have some controls at the top of the page.
  11. Clicking record will record the remote control session you can find these recording results as a WebM file in agents screen recording. You can also send a ctrl alt delete paste your local clipboard and use other common remote control features from this taskbar.
  12. Another way to launch remote control is from the menu on the left here where you can also launch a non-invasive session in the background with a private session this requires the endpoint to have RDP enabled but live connect will enable.
  13. This for you if it's not moving on from remote control we have several other tools that we can use to remediate issues on the endpoint.
  14. The files module allows us to browse the endpoint file system and perform basic functions on these files.
  15. Commands allows us to pass a command or PowerShell instruction to the endpoint
  16. Services shows us a convenient list of services on the endpoint a red icon means the service is stopped and a green one means that it's running.
  17. Clicking on the service provides a brief description of that service.
  18. The context menu on the right allows us to start, stop, restart, or change the startup type of that service.
  19. The processes module allows us to review running processes on the endpoint and to stop these processes using the context menu here.
  20. The registry module allows us to view the currently loaded registry hives which means only for the current user.
  21. From the context menus we can modify and create keys create entries or delete them.
  22. This event module here shows us several different log options most of the Windows event viewer logs are located here as well as some RMM and PowerShell logs I would look over these at your leisure.
  23. The tickets module here it's just an integration of Service Desk but if you have Service Desk enabled in your RMM then it will show a log of tickets that have been opened for this endpoint and that's it.
  24. Live connect is a very powerful tool and this video only touched the surface really but the more you use it the more you'll learn.

LEARN MORE

Kaseya VSA: Apply Procedure via Policy

https://www.youtube.com/watch?v=Ney_tXz_2ZI
ProVal Tech’s Consultant Tobin goes over how to apply procedure via policy in your Kaseya VSA. Tobin uses the non-compliant view in the policy to schedule recuring procedures, create policies, and edit your procedures and policies. He also gives insight on how to set days and times in the week to distribute these procedures via policy. Click on ‘Show More’ to read the step-by-step transcript to follow along with how to do this in your VSA.

Step by Step:

  1. Today I will show you how to use the non-compliant view in a policy to schedule a recurring procedure that will update Windows 10 to the latest build. The principles shown here can be used with any view and any agent procedure not just Windows 10 updates.
  2. First thing we're going to do let's navigate to policy management let's navigate to policies.
  3. Select the folder that you want to create the policy in.
  4. Select add policy from the top, give your policy a name for this one I’ll do Windows 10 upgrade.
  5. Select ok to create and then select the policy itself once the screen loads.
  6. Now we can see we have the name description here we're going to use the Windows 10 non-compliant view and the beauty of using this policy with this view is that as machines fall in and out of this view they will automatically be applied with this procedure.
  7. So if you add a new computer to your VSA and it's running 1909 it will automatically fall in line with this view and we'll apply this policy to the machine.
  8. So let's select our agent procedure, add procedure, locate your procedure in your library, select it, and select add by selecting on it you can either remove or you can edit the procedure.
  9. So let's go ahead and click edit and you have a couple of different options here for your recurrence you could do it once you could do it daily weekly. We're going to do weekly we're going to make sure that the schedule is based on the time zone of the agent that way if it's set to run at midnight and the server is in a different time zone it will still run at midnight on the computer itself.
  10. We're also going to set our distribution window I’m going to set it to 60 minutes this can vary depending on what the procedure is doing and how many computers you have in your environment.
  11. If you have a large amount of computers you may want to push this distribution window out even more so let's go ahead and we'll do every one week on Wednesday night. I’m going to do no end date to this because I want this to be perpetual I want this to continue as machines are added and removed from the environment.
  12. I’m also going to do skip if offline for this one and the reason being is because this Windows 10 procedure is going to cause the computer to reboot it's going to take some time I don't want that to queue up when the computer is turned on.
  13. If I uncheck skip offline the procedure will be queued if I have skip if offline checked the procedure will not queue it will check to see if that machine is online at that time and if it is not it will not view that procedure to the computer.
  14. Let's go ahead and select schedule then at the top we're going to do save and apply all right let's select apply now.
  15. Then we need to put this policy into our org and machine group so that it can be assigned.
    Let's go down to assignment organization machine groups and I’m going to put this in the global organization because I do want this to be applied on every computer in the VSA.
  16. You could put this in a machine group or in an organization level if you wanted to but for this purpose of this procedure I want this to apply to all computers and I want to make sure that all these machines are being updated as much as possible.
  17. Let's go ahead and expand our folder, select the policy that you've created, and let's drag it over to global.
  18. So there's our policy right here, now next thing we need to do is we need to make sure that this gets pushed to the machines that it's to be applied to.
  19. So let's select machines and here's the machines that fall into that view let's go ahead and right-click reprocess policies.
  20. Give it just a moment and what you want to do is you want to make sure that when you select the machine you want to make sure that you're seeing that policy that you created down here under assigned to this machine by association with organization / machine groups.
  21. This is how you will know that it's being automatically pushed to these machines.

LEARN MORE

ConnectWise Automate: PowerShell Command vs Execute Script

https://www.youtube.com/watch?v=7dssSaAqpNg
ProVal Tech’s Consultant Alex guides you through ConnectWise Automate PowerShell Command vs Execute Script. Occasionally you'll want to run PowerShell modules that may not be natively available to you via Windows. This happens a lot when you're trying to install a module on the machine for repeated use of that module. Use PowerShell command if that module is already installed or there's a chance that the Execute script function may timeout or fail. Click on ‘Show More’ to read the step-by-step transcript to follow along with how to do this in your Automate.

Step by Step:

  1. Today I wanted to go over a couple of commands inside of Automate, especially in the scripting functions that you may be accustomed to using and why you should use one versus the other.
    If I pull up this script here what I’m looking for is normally you would copy and paste any of your PowerShell into an execute script and this allows you to basically paste anything you want inside of this.
  2. Text editor here and it will execute all within PowerShell which is great however sometimes when you're running into issues you may have to run it differently.
  3. I was actually running it into an issue with this in this particular script where you may have to use the PowerShell command and use the one-line version of that and the difference is this is running as ps.exe so a live terminal and reporting back to the PowerShell result. Whereas the other one is writing to like a temporary PS1 File running it and then basically deleting itself and reporting back to a variable.
  4. This is especially noteworthy when you're doing importing modules or things you need to use multiple times example in this script here.
  5. I'm importing a module called PS Windows update to then be later used in terms of getting the update history, but I have to run the update history as a ps.exe in order for it to import the module automatically.

LEARN MORE

ConnectWise Automate Tickets - Understanding Tickets in Automate

https://youtu.be/uhehkF2idDQ
ProVal Tech’s MSP consultant Alex goes over with you ConnectWise Automate ticketing and how to understand tickets from the ticket menu to help you troubleshoot ticket sync issues. He also shows you how to view or understand ConnectWise Automate generated tickets. Click on ‘Show More’ to go into more detail and follow the step by step with the video.

Step by Step:

  1. The first thing you want to do is come over to the left-hand side of the Service Desk and open up Tickets.
  2. Inside of here the default is always going to ‘my tickets’ so you will likely see nothing unless your user is attached to any tickets.
  3. All we have to do is come over to “All” and then everything that our users can see will be listed here.
  4. Lots of these are monitors, or, scripts, or things that we've developed just for testing purposes or generating alerts for other clients.
  5. Inside of here anything that's this bright orange color (which is customizable in the configuration dashboard) is over two hours old.
  6. There is a ticket status of new or resolved, these also sync with your PSA. (Professional Services Automation) to close or open tickets automatically.
  7. If I open up the machine just by double-clicking on the ticket - there are a couple of things that are really handy pieces of information.
  8. The external number, this is the ticket number or the external ID in your main PSA, (Professional Services Automation) most of the time this is going to be your ConnectWise Manage.
  9. If you use AutoTask or other systems that ticket number or numerical data ID, it will get synced here.
  10. Which you can then track down in the integration of which ticket because the ticket numbers are not always the same.
  11. I also like to use the Reading View on the top left to see all of the comments or ticket comments that the automation has put in or if there's anything in there.
  12. Last but not least, if nothing else works you can come back to the ticket data screen, you can click on the asset, until the computer management screen opens up.
  13. The next place if generating tickets is going to be the effective policy screen - and this is very much like opening up a group policy resultant or a resultant set of policies like you would locally for an active directory.
  14. This will tell you everything that's applied to this machine through Automate.
  15. Using this screen here tracking through several of these pieces you can backtrack what type of monitor, or what script generated a ticket and then figure out how to adjust that from there, if you do not want that ticketing any longer.

LEARN MORE