How to Create an Event-Based Job
Jobs allow you to define automations in Fix Inventory and can be triggered by the events emitted by the collect_and_cleanup
workflow.
Prerequisites
This guide assumes that you have already installed Fix Inventory.
Directions
-
Define the action you would like to automate. For example, let's say we want to create a PagerDuty alert if a publicly accessible database is detected:
> search is(database) and db_publicly_accessible==true | pagerduty summary="Databases found that are publicly accessible" dedup_key="dbs_publicly_accessible"
tipSee Search How-To Guides for guidance on how to write search queries.
-
Determine the event trigger for the job. In this case, since we want to send an alert as soon as a publicly accessible database is detected, we'll use the
post_collect
event to trigger the job. -
Now that we've defined the action and decided on the trigger, create the job using the
job add
command (replace the value of the--id
parameter with a unique job identifier):> job add --id alert_public_dbs --wait-for-event post_collect 'search is(database) and db_publicly_accessible==true | pagerduty summary="Databases found that are public to the internet" dedup_key="dbs_publicly_accessible"'