When Automox performs a scan, the agent executes several key commands to gather essential information about the device. Below is a comprehensive overview of these commands, providing both a quick summary and a high-level look at their underlying technical execution across supported operating systems.
1. GetOS
Simple Explanation: This command retrieves the device's operating system information, including its version and build number.
In-Depth Execution: Behind the scenes, this script verifies and updates the Automox Worklet Development Kit (WDK) to ensure the agent has the latest tools. It secures local agent files and databases, syncs internal software catalogs, and queries native OS tools (such as WMI on Windows,
sw_verson macOS, oros-releasefiles on Linux) to accurately extract the OS caption, version, language, and architecture.
2. GetHostname
Simple Explanation: This command fetches the name assigned to the device, which helps identify it within the console.
In-Depth Execution: This is a highly efficient, lightweight script. It prioritizes using native system utilities (like
hostname) to grab the computer's name. If the utility is unavailable, it securely falls back to reading native environment variables.
3. GetAWSID
Simple Explanation: If the device is part of an AWS environment, this command gathers relevant AWS metadata.
In-Depth Execution: The script first checks the system's hardware or BIOS metadata to see if the machine manufacturer is listed as "EC2" or Amazon. If an AWS environment is detected, the script reaches out to the internal AWS metadata IP address (
169.254.169.254). It handles AWS's IMDSv2 security requirements by generating a short-lived token to securely query and return the AWS Instance ID.
4. GetSystemDetail
Simple Explanation: This comprehensive command collects critical system details, including compliance status based on applied policies, the last logged-on user, and update source configuration.
In-Depth Execution: This script acts as the primary hardware and configuration auditor. It queries system APIs to map out the CPU, RAM, Disk Drives, Volumes, and Network Adapters. It calculates the last active user by parsing OS-specific profiles or logs. Additionally, it audits the health of the local update services (e.g., Windows Update, macOS
softwareupdate, or Linux package managers), pulls domain/directory details, and manages the secure download and installation of Automox organizational security certificates.
5. GetSoftware
Simple Explanation: This command scans the registry and file system to catalog installed applications, patches, and updates. As the most time-intensive command, it ensures complete software inventory visibility.
In-Depth Execution: This is the most robust and complex command in the scanning sequence. It scans system-wide software repositories (like the Windows Registry, macOS
pkgutil/Applications folder, or Linuxdpkg/rpm) as well as user-specific directories. It compares these findings against a continuously synced Automox Third-Party Metadata database to flag patchable applications. Furthermore, it hooks into native OS update APIs to build a complete map of installed, awaiting, and unmanaged system patches.
6. NeedsReboot
Simple Explanation: This command checks whether the device requires a reboot by querying the operating system. It does not create or enforce a reboot flag.
In-Depth Execution: The script analyzes native OS flags (like Windows Registry keys, macOS system update flags, or Linux
/var/run/reboot-requiredfiles) to see if the machine is pending a restart. Crucially, it contains custom filtering logic to ignore specific updates known to trigger false-positive reboot flags, ensuring the Automox console only reports a pending reboot when strictly necessary.
Conditional & Evaluation Commands
Note: These commands trigger dynamically based on device grouping or assigned policies.
ModifyOSAutoUpdateSettings: If the system details do not match, this command applies the configurations as specified in the device’s assigned Automox Group.
Worklet Evaluation (policy_######_test): If any Worklets are associated with the device or its group, the agent evaluates them during the scan to ensure compliance and proper execution.