Skip to main content

ConnectWise Automate - Agent Service Monitor

Cameron Granger
  • Updated

Team: Huntress Managed Endpoint Detection and Response (EDR)
Product: ConnectWise Automate
Environment: Huntress integration
Summary: Setup guide for the ConnectWise Automate integration for monitoring Huntress Agent and Huntress Updater service statuses. 

 

  Huntress has fully implemented Watchdog functionality into our services. While monitoring services can be a best practice in some scenarios, Huntress strongly recommends disabling self-healing actions and scripts that start or restart our services.

Starting a service during an update can lead to unintended consequences that can disrupt stability and functionality.
Updates often involve modifying configuration files, upgrading dependencies, or replacing critical components, which can leave the service in an inconsistent state if it starts prematurely. For example, the service may attempt to access files or resources that are being updated, leading to errors or data corruption. Additionally, partial updates can result in mismatched versions of libraries or binaries, causing the service to crash or behave unpredictably.

Follow the steps below to create a Service Monitor in ConnectWise Automate that monitors the Huntress Agent and Updater service statuses. 

 

If you are also interested in the Remote Monitor (Orphaned Agent), you can kill 2 birds with one stone by downloading and uploading the XML expansion on our GitHub here: https://github.com/huntresslabs/deployment-scripts/tree/main/ConnectWise-Automate/Monitors

 

NOTE: This only works on devices running Windows

Creating Advanced Search Group

If you have already created a search group either by following Automate to Manage Billing, or by creating one on your own, you can skip to section 2. 

  1. Go to Automation > Advanced Searches and create a new search
  2. Customize the search to your liking, below is what we recommend. Save the search as "Software\Software - Huntress Agent Installed" (or something similar). 192_168_0_208.png
  3. Go to Browse > Groups. Right-click on "Groups" and hit "create group"
  4. Set the "Computers" under "AutoJoin Searches." And add the "Huntress" product we created earlier under the "Managed Services" Tab. 

Creating the Monitor

  1. Open the group created in Section 1.
    1. Go to Computer > Remote Monitors.
    2. Click Add at the bottom.
    3. Select Monitor Services and Processes.mceclip0.png
  2. Chose an Alert template
    1. (the settings on this page is up to you and your environment/requirements)mceclip2.png
    2. You can customize the Alert Style:mceclip4.png
    3. This guide is using the built-in ~Autofix Action Restart Service” to restart the Huntress service. If you have customized the Alert Template, this monitor will follow those alert rules.

      NOTE: The time period must be at least 30 minutes, as our agent will stop to install updates. Setting the timer too low may lead to unexpected issues that can negatively impact the agent. While agent updates typically finish in under a minute, external factors may extend this duration slightly, and any interference with the installation process could cause the update to fail or become unstable.
      mceclip5.png
  3. Click Next
    1. The alert subject/body can be customized:mceclip6.png
  4. Click Next
    1. Give the Monitor a name
  5. Click Finish
  6. This is what your monitor should look like: (IMPORTANT: Make sure you filter the monitor to only Windows machines, as Macs do not have Services)

Checking Monitor

 

  1. Open Automations > Monitors from the ConnectWise Automate Control CenterNotification_Center.png
  2. Click the System Monitors tabNotification_Center.png
  3. Search for your monitor based on the name you created in the previous section
    1. Example Queries (query depends on what you set the name to):
      1. SVC-Huntress
      2. %huntress%
      3. scv-hunt%
      4. %hunt%

 

 

Related articles