Forum Discussion
Can I use ASC Workflow automation to install Qualys agent?
- Mar 31, 2020
Yes. i just created a working sample here
Nicholas DiCola (SECURITY JEDI)
Thx again Nick - for my edification, the workflow will kick in when it sees an unhealthy resource in the Enable the built-in vulnerability assessment solution on virtual machines (powered by Qualys) (Preview) recommendation, correct?
We have some VMs that are powered off so I am assuming when they get powered on, the workflow will run to install the Qualys agent.
And last question, can you point me to some documentation about ASC workflow?
TYVM
yes but you need to create the workflow automation like this
 here is the docs page https://docs.microsoft.com/en-us/azure/security-center/workflow-automation
- Jeff WalzerApr 01, 2020Iron Contributor
- Jeff WalzerApr 01, 2020Iron Contributor
@Nicholas DiCola (SECURITY JEDI
Sorry to be a pain, but I ran into an error as I turned on a VM and then checked the logic app and saw that it failed
{"error": {"code": "AuthenticationFailed","message": "Authentication failed. The 'Authorization' header is missing."}}- Nicholas DiCola (SECURITY JEDI)Apr 01, 2020Microsoft
the template creates two api connection resources. you have to authorize them. go to the resource. click edit api connection. click authorize. login in the new window. click save.
- Jeff WalzerApr 01, 2020Iron Contributor
Nicholas DiCola (SECURITY JEDI)
API now authorized and when I do a 'Run Trigger' I get the following error message:
InvalidTemplate. Unable to process template language expressions in action 'Create_or_update_a_template_deployment' inputs at line '1' and column '3277': 'The template language function 'split' expects its first parameter to be of type string. The provided value is of type 'Null'. Please see https://aka.ms/logicexpressions#split for usage details.'.
- KrzysztofKnapikAug 21, 2020Copper Contributor
Nicholas DiCola (SECURITY JEDI)
Hi Nicholas, thanks for super usefull logic app.
I made the setup you have described, I used automation workflow for ASC recommendation (A vulnerability assessment solution should be enabled on your virtual machines) with logic app to create ARM deployment. And it works well when I trigger Logic App from ASC (Azure Portal) but the automation workflow does not trigger my logic app at all. Is it possible that when the recommendation exist with many VM's in state not-applicable and unhealthy then any new VM which appear with unhealthy state will not trigger automation ? because the recommendation exist ? In short for existing recommendation new resource won't trigger the workflow automation ?
Thanks in advance for any insides ...
Br, Kris