Monitoring requests

Supported actions

The following device actions are supported:

Cryptographic Wipe
Delete File
- Delete Files
- Delete All Files
Freeze
Remove Freeze
Run Playbook (only applies to system-initiated requests)
Run Script
Send Message
Unenroll

Permissions

To view or export device action requests, your role needs to be granted the View permission for one of the supported actions. To view a particular action on the Actions page, your role needs to be granted the View permission for that action.

Accessing the Action Requests page

To open the Action Requests page, click History > Action Requests on the navigation bar.

Information included on the Action Requests page

The Action Requests page shows the following information:

List of requests

Requests are listed on the sidebar under the headings Pending Approval, Scheduled, In Progress, or Done, with the most recent requests shown first:

Pending Approval (Dual approval requests only): lists all requests that are waiting to be approved

Scheduled (Send Message and Scheduled Freeze requests only): lists all requests that are scheduled to take place in the future. All devices in the request have an action status of Pending or Ready. Requests move to In Progress when the scheduled date and time (local device time) of the request has occurred on at least one device.

Example
A Send Message request is scheduled for 11 a.m. on March 1. At 10 a.m., you log in to the console and see that the request has moved to In Progress. One device included in the request is in a time zone three hours ahead of your time zone. Since the scheduled date and time has already occurred in the local time of this device, the request was moved to In Progress.

If all devices are offline at the scheduled time of the request, the request moves to In Progress within 24 hours of the scheduled date and time (UTC).

In Progress: lists all requests where some or all devices in the request have an action status of Pending or Processing. Each request has a progress chart showing the status of the request. Progress is represented by the following:
- Done: portion of devices with a status of Failed, Succeeded, Completed, or Canceled
- In Progress: portion of devices with a status of Pending, Ready, or Processing

Done: lists all requests in which all the devices in the request have an action status of Failed, Succeeded, Completed, or Canceled. By default, Done shows requests that were completed within the last year.

You can find a specific request by using Search and the drop-downs.

Request summary

Click a request on the sidebar to see it's request summary in the work area. The summary includes:

Item	Description
Progress chart	The progress of the request showing the percentage of devices that are in each state Each device in the request is in one of the following states: Failed: either the system or the device is unable to perform the action or the request was auto declined Pending: the action hasn't been downloaded to the device, or the request requires approval Ready (Send Message and Schedule Freeze requests only): the action has been downloaded to the device, but it's scheduled to take place in the future Canceled: a user has canceled the action Processing: the action is currently being performed on the device but the action hasn't been completed yet Succeeded: the action has run on the device and the action was completed successfully Cryptographic Wipe Run Script Completed: the action has run on the device Delete File For Delete File requests, review the Result column, the log file, or Events to determine if the action was successful for each device. When a Delete File request runs on a device, the files found and the files deleted may not be the same. The Result column and Events show the number of files found and the number of files deleted. The Log file contains further details about which files were found and which files were deleted, as well as the reason files weren't deleted. Freeze For Firmware Freeze requests, review the Status details column to determine if the action was successful at both the OS and firmware levels. Remove Freeze Run Playbook Send Message Unenroll
Request name	The default name, or the user-defined name given to the request when the request was created Created, scheduled, or completed time, and the requester's name
Request name	Only applies to select Cryptographic Wipe and Delete All Files requests Details about the two requests that were created when a single Wipe request was submitted. Learn more Navigate between the requests using the provided link.
Dual approval details	Only applies to dual approval requests The approval status of the request. Possible values are: Pending Approval: the request is waiting to be reviewed by a secondary user To see a list of users that can approve the request, click Pending Approval. The list shows the each user's name and email address. Request canceled: the request was canceled by the creator while it was Pending Approval Request approved: the request was approved by a secondary user Request auto declined: the request was auto declined because it wasn't approved by a secondary user within seven days of being created Request declined: the request was declined by a secondary user If the request has been approved, declined, or canceled, the date and time (UTC) the request was actioned, and the last name of the user. Declined reason If a request was declined, this field appears and shows the reason. This may be a reason from the predefined list or a custom reason provided by the approver. Action buttons The action buttons only appear for users that belong to a role that's configured to approve the request and for the creator. Approvers see the Decline and Approve buttons. Creators see the Cancel request button. The actions buttons appear when the request is Pending Approval.
Request ID	The system defined unique identifier for the request
Description	The description added when the request was created, if any
Configuration	Any configuration details that were used to create the action request
Declined reason	Only applies to dual approval requests that are declined The reason the secondary user declined the action request
Action buttons	Only applies to dual approval requests that are pending approval The action buttons for managing dual approval requests Only available to users in a role configured to approve the action

Work area

The work area contains the request details. Information about the action status for each device is organized in a table with the following columns:

Column	Description
Device name	Includes the device's device name The name assigned to the device in the operating system. For Chromebooks, device name is not applicable and therefore shows as "Chrome" in the Secure Endpoint Console. and serial number The identification number assigned to the device by the device manufacturer. For Windows devices, this value may correspond to the serial number of the BIOS, the motherboard, or the chassis, depending on the manufacturer. To view the device's Device Details page, click the linked device name.
Action > Status	The progress of the action on the device and the date of the last status update Action status can be one of the following: Failed: either the system or the device is unable to perform the action, the request was declined, or the request was auto declined See the Status details column for the reason for the failure Pending: the action hasn't been downloaded to the device, or the request requires approval Ready (Send Message and Scheduled Freeze requests only): the action has been downloaded to the device, but it's scheduled to take place in the future Canceled: a user has canceled the action Processing: the action is currently being performed on the device, but the action hasn't been completed yet Succeeded: the action has run on the device, and the action was completed successfully Run Script Cryptographic Wipe Completed: the action has run on the device Freeze For Firmware Freeze requests, review the Status details column to determine if the action was successful at both the OS and firmware levels. A Firmware Freeze request that couldn't be processed may temporarily show an action status of Completed before the status is updated to Failed. Remove Freeze Delete File For Delete File requests, review the Result column, the Log file, or Events to determine if the action was successful. When a Delete File request runs on a device, the files found and the files deleted may not be the same. The Result column and Events show the number of files found and the number of files deleted. The Log file contains further details about which files were found and which files were deleted, as well as the reason files weren't deleted. Unenroll Send Message Run Playbook
Action > Status details	For requests with an action status of Failed, shows the reason why the action failed For Firmware Freeze requests with an action status of Completed, shows the OS Freeze status and the Firmware Freeze status Learn more For all other action statuses, shows No data
OS name	The name of the operating system detected on the device
Unfreeze code	Only applies to Freeze requests The code that's entered directly on each frozen device to unfreeze it and make the device operational again For security reasons, the unfreeze code is masked. To show it, click (Show). An Unfreeze code unmasked event is logged to Event History. To hide it again, click (Hide). This column is only available if you are logged in as a user with the Perform permission for Remove Freeze.
Result	Only applies to Delete File requests Found `n` – Deleted `m`: the number of files found on the device (`n`) and the number of files deleted (`m`). If the number of files found is different than the number of files deleted, see the Log file for detailed information.
Certificate	Only applies to Cryptographic Wipe and Delete All Files requests A link to download the Certificate of Sanitization
Log file	Only applies to Delete File requests A link to download the Log file available when the Request status for the device is Completed
Script return code	Only applies to Run Script requests The return code to inform the user whether the script was successfully run The script returns 0 if the script is success, other return codes are defined in the script. Click the link to the script in the request summary to view the script.
Message response	Only applies to Send Message requests A semi-colon (;) delimited list of Field Names and values for the Custom Device Fields included in the response to the message Format: Field Name 1: value 1; Field Name 2: value 2 Shows No Data when: The message requires a user response but a response hasn't been received The message was informative and Custom Device Fields were only used to share information or weren't used at all Hover over the field to view all values in a tooltip, or click in the row to see a device overview

You can use device name or serial number as search criteria to search for a device in a request. You can also include other device action information in the report by adding more columns.

If No Data shows in any of the columns, the information wasn't detected on the device or the device information is duplicated. Device information may be duplicated if a device was listed twice in the File Upload. The second record is displayed as No Data.

Filtering actions

By default, there are no filters used to generate this page.

You can create a customized version of the request details for a specific request by adding filters based on one or more filter criteria. For example, your can filter the request details to show only those actions that failed.

Sorting request details information

By default, the data is sorted by Action > Status. Devices are displayed in the following order:

Failed
Pending
Ready (Send Message requests only)
Processing
Canceled
Succeeded/Completed

You can change the sort order by clicking a column heading.

Viewing the request details

To view the status for an action:

Log in to the Secure Endpoint Console as a user with the View permission for the action being completed.
On the navigation bar, click History > Action Requests.
On the Action Requests sidebar, click the applicable request. To find a specific request, do one or more of the following:
- Select an option from the Actions drop-down to filter by type of action.
- Select an option from the Created drop-down to filter by the date the requests were created. Options vary from Past 7 days to Past 90 days.
  
  When the Created drop-down is used to filter the list of requests, actions in Done are filtered by the date the requests were created, not by the date they were completed.
- Click to expand the Search field and enter one of the following:
  - The request name
  - The last name of the requester
  - The script name (only applies to Run Script requests)
  - The message name (only applies to Send Message, Freeze, and Remove Freeze requests)
  The search results update dynamically as you type. To clear the Search field, click .
- Click the Pending Approval, Scheduled, In Progress and Done headers in the list of requests to hide requests in each category.

The request's summary and details open in the work area.

Viewing older requests

By default, you can view requests that have been completed within the past year. To view older requests, filter the list of requests by action type. Once the list is filtered, you can use the search to narrow the results.

To view older requests:

Log in to the Secure Endpoint Console as a user with the View permission for the completed action.
On the navigation bar, click History > Action Requests.
On the Action Requests sidebar, select the action type from the Actions drop-down.
[Optional] To show only completed requests, click the Pending Approval, Scheduled, and In Progress headers in the list of requests.
[Optional] On the Action Requests sidebar, click to expand the Search field and enter one of the following:
- The request name
- The last name of the requester
- The script name (only applies to Run Script requests)
- The message name (only applies to Send Message, Freeze, and Remove Freeze requests)
The search results update dynamically as you type. To clear the Search field, click .

Requests completed within the last five years are displayed.

Requests are deleted after five years. After a request is deleted, there is no way to retrieve the following information:

The unfreeze code for a Freeze request
The Certificate of Sanitization for Cryptographic Wipe and Delete All Files requests
The log file for Delete File requests

If you will need this information more than five years after a request is completed, create a copy outside of the Secure Endpoint Console.

Refreshing the data

While you are viewing a page or report, its data is not updated dynamically as new data becomes available. To show the most recent data available in the system, such as information that was just uploaded from a device, click the icon in the bottom left of the page. The Last updated field updates to the current date and time.

Exporting the data

You can click (Export) to export the page as a report and download it to your computer. If you've edited the page's filters or added or removed columns, your changes are reflected in the exported report, even if you don't actively save your changes.

When you export the information from actions:

Device name is exported as an Identifier column, a Device name column and a Serial number column.
Action > Status is exported as an Action status column and an Action status updated column.

Working with the Action Requests page

Depending on the Absolute licenses associated with your account, and your user role, you may be able to perform some or all of the following tasks from the Action Requests page:

Search for and view individual devices
Request any of the following actions on one or more devices:
The Change policy group action is temporarily unavailable from this page.