Nebula can run automated scans on your endpoints on a schedule that you choose. If you prefer, scheduled scans can quarantine threats and Potentially Unwanted Programs without manual action. This article shows how to create a scheduled scan and explains the related options.
Scheduled scans are managed at the group level. If you create additional groups and move your endpoints, be sure to come back to your scheduled scans and assign the scans to the new groups.
These scans run using the endpoints' locally configured time. Offline endpoints use the synchronized scan schedule from when it last checked in with the Nebula console.
Create a scheduled threat scan
- On the left navigation menu, go to Configure > Schedules.
- Click New to create a new schedule.
- Enter a Schedule Name and choose Detections scan under Type.
- Choose the operating systems you want to run the scan on by checking their boxes.
- Check the Quarantine threats automatically box to have Nebula place threats into quarantine without prompting the end user.
- Check the Treat Potentially Unwanted Programs (PUPs) as malware box for Mac scans to detect PUPs.
- For Windows, these settings are configured in the policy or with a custom scan. For more information, see Scan policy settings in Nebula.
- For windows only scans, select Threat Scan.
- In the Schedule groups tab, select target groups for the schedule. Any child groups are automatically selected.
- In the Schedule frequency tab, set the following parameters:
- Frequency: Choose either Hourly, Daily, or Weekly.
- Hours: If Frequency is set to Hourly, then select between 1 and 23 hour(s) from this drop-down.
- Start Date: Click in this field to select a calendar start date for this scheduled scan.
- Start Time: Click in this field to select the starting hour, minute, and AM/PM option for this scheduled scan.
- Run missed schedules as soon as possible: Toggle ON to recover missed scheduled scans due to endpoints being powered off or asleep. The scan automatically starts the next time the endpoint connects to Nebula.
- In the top right, click Save.
Create a scheduled Inventory and Vulnerability Scan
An Inventory & Vulnerability Scan retrieves information on all endpoints in a group and updates the Endpoint Properties screens for that group. The information gathered is determined by the Software Management settings in each group's policy.
Note: Before you set a scheduled Inventory & Vulnerability Scan, check the Software Management settings for your group policies. See Adjust policy Software Management settings in the article Types of scans in Nebula.
- On the left navigation menu, go to Configure > Schedules.
- Click New to create a new schedule.
- Enter a Schedule Name.
- Choose Scan Inventory & Vulnerability under Type.
- In the Schedule groups tab, select target groups for the schedule. Any child groups are automatically selected.
- In the Schedule frequency tab, set the following parameters:
- Frequency: Choose either Hourly, Daily, or Weekly.
- Hours: If Frequency is set to Hourly, then select between 1 and 23 hour(s) from this drop-down.
- Start Date: Click in this field to select a calendar start date for this scheduled scan.
- Start Time: Click in this field to select the starting hour, minute, and AM/PM option for this scheduled scan.
- Run missed schedules as soon as possible: Toggle ON to recover missed scheduled scans due to endpoints being powered off or asleep. The scan automatically starts the next time the endpoint connects to Nebula.
- In the top right, click Save.
The Inventory & Vulnerability Scan updates endpoint information in the console. This information is organized in Endpoint Properties on the Endpoints screen. On the left navigation menu, go to Manage > Endpoints, then click an endpoint name to view Endpoint Properties. Use the tabs on the Endpoint Properties screen to view details about the endpoint.
For scheduling third-party software updates and operating system patches, click the following links below: