Trigger Install Upon New Collection Membership

Comments

6 comments

  • Luke Nichols

    Adam,

    You could do a scheduled deployment on a heartbeat trigger and that should work. I usually recommend that if you're doing a heartbeat trigger you also add an interval trigger, e.g. 15 minutes because heartbeat only activates when a machine goes from offline to online, so if it is always online it won't proc the heartbeat trigger.

    You should also give some consideration to how you are going to prevent duplicate deployments-- you could simply check the box to stop deploying to targets once they succeed, but I think it's more elegant to have your filters on your dynamic collection automatically remove the machine from the target collection after it has received the desired Deploy package.

    2
    Comment actions Permalink
  • Adam Haas

    Hmm, you answered my follow-up question. If I wanted insight into who had it installed, I'd then need a second collection of identified computers with the software installed. 

    Is this an unusual way to set this up, or is this how it's done? I'm thinking of one of the PDQ videos where they showed how the Google Chrome package updates all computers that have old versions installed every Friday. I was hoping to get that same kind of thing going, but only for computers that didn't have this software installed, it would then install it so long as their computer is in the collection.

    1
    Comment actions Permalink
  • Luke Nichols

    I can't say if it's unusual or not but it is how I would do it, personally. In my experience dynamic collections are the best tool for targeting deployments and if you just want a view of computers for reference you should do it in a report, so I don't end up with a ridiculous number of collections to contend with using this method.

    I haven't seen the specific PDQ video you are talking about so I can't speak to their solution, sorry.

    1
    Comment actions Permalink
  • Adam Haas

    OK, referring to this post instead: https://help.pdq.com/hc/en-us/community/posts/360055469231-Dynamic-Collection-for-computers-with-specific-folder

    Because ThreatLocker does not display itself in Control Panel, and PDQ is not seeing it as an installed Application, I am looking for the presence of the "C:\Program Files\ThreatLocker" folder.

    I added this into my "Applications" scanner:

    I verified my computer has this folder and the Application installed.
    I scanned my computer using the Applications scanner, but my Dynamic Collection for this is still empty:



     

    0
    Comment actions Permalink
  • Colby Bouma

    You have to break it out into 2 parts:

    I'm not sure why, but Equals doesn't work with Path.

    0
    Comment actions Permalink
  • Adam Haas

    This looks to be working. Thank you for your help.

    0
    Comment actions Permalink

Please sign in to leave a comment.