Skip to main content

Configuring monitoring policies

To manage security for your devices in Datto, you execute Bitdefendercomponents through monitoring policies and jobs.

Important

To make the Bitdefendercomponents available to your actions, you need to add them to your favorite list.

Navigate to Components > All Components and click the star icon (datto-star-icon.png) next to the following Bitdefendercomponent:

  • BitdefenderGravityZone- Device Management

A monitoring policy configured at the site level executes Bitdefendercomponents to verify installation and update status, and deploy the security agent.

For example, through a monitoring policy, you can raise a critical alert if a device is not protected and configure a response action to deploy the security agent.

Important

Your Datto RMM account requires administrator rights to create policies.

Creating a site policy in the old UI

To create a new site policy:

  1. Log in to Web Portal.

  2. Click Sites to open the drop-down list.

  3. Go to the Policies tab of your selected site.

  4. Click New site policy.

    The New Policy window appears.

  5. Configure the following elements:

    • Name: Enter a name for your policy

    • Type: Monitoring

    • Based on: new policy

    The New Monitoring Policy window appears.

    datto-create-monitoring-policy.png

To add targets:

  1. Click Add a target.

  2. Select a Target type from the drop-down list.

    For information about target types, refer to Filters and Groups in Datto documentation.

  3. Choose your filters and groups.

    For example, by selecting the Default Device Filter you can choose All Windows Desktops from the drop-down list.

  4. Click Add to save the targets to the monitoring policy.

    datto-add-targets.png

Note

To add multiple targets, repeat the steps.

To add monitors:

  1. Click Add a monitor.

  2. In the Monitor Type section, select Component Monitor from the drop-down list.

  3. Configure the Monitor Details section as follows:

    • Run the Component Monitor using the BitdefenderGravityZone- Device Monitor component.

    • Choose an action from the drop-down list and execution intervals:

      • Verify Install to check for security agent deployment. Select 30 minutes as best practice.

      • Verify Update to check for update status. Select 3 hours as best practice.

      • Verify Full Scan to check when the security agent has executed a full scan on the target last time. Select 24 hours as best practice.

      • Verify Quick Scan to check when the security agent has executed a quick scan on the target last time. Select 8 hours as best practice.

    • Under Alert Details, choose an alert priority type.

    • Set a time interval for Auto-Resolution.

      Select After 10 minutes as best practice (no less than 5 minutes).

    datto-monitor-details.png
  4. Configure the Response Details section as follows:

    • Select Run the following component and select BitdefenderGravityZone- Device Management.

    • Choose an Action from the drop-down list:

      • Install BEST to deploy the security agent.

      • Update BEST to update security agent.

      • Start Full Scan to begin a full scan task on the selected targets.

      • Start Quick Scan to begin a quick task on the selected targets.

        For the Install BESToption, you can configure a custom name for the installation package.

        Important

        Make sure to match the component action to the monitor action from step 3. For example, Verify Install with Install BEST or Verify Quick Scan with Start Quick Scan.

      • Configure email recipients to send out notifications when the alert is raised.

    datto_add_monitor_device_management_p_158507_en.png
  5. Configure Ticket Details to create tickets for your integrated ticketing service.

    For more information, refer to Alerts and tickets in Datto documentation.

  6. Click Submit to save the monitors to the monitor policy.

    datto-add-monitors.png

Note

To add multiple monitors, repeat the steps.

To view alerts generated by monitors, refer to Manage monitors in Datto documentation.

Click Save and Push Changes to save changes and apply the monitor policy immediately.

Creating a policy in the new UI

To create a policy for your site in the new UI:

  1. In the Web Portal, go to Policies > Monitoring in the left-side menu and click Create Policy.

    img-05-datto-policies-new-ui.png
  2. Enter a name and a description.

  3. Under Scope, select Site.

  4. For Type, select Monitoring.

  5. Under Monitors, click Add Monitor.

  6. In the Monitor Type window, click Select and choose Component from the right-side list.

  7. Under the Alert section, click Select a Component Monitor and choose Bitdefender GravityZone - Device Monitor.

    img-06-datto-component.png
  8. Next to the component, specify the interval in days for Verify Full Scan and Verify Quick Scan tasks to run.

  9. Choose an action from the drop-down list and execution intervals:

    • Verify Install to check for security agent deployment. Select 30 minutes as best practice.

    • Verify Update to check for update status. Select 3 hours as best practice.

    • Verify Full Scan to check when the security agent has executed a full scan on the target last time. Select 24 hours as best practice.

    • Verify Quick Scan to check when the security agent has executed a quick scan on the target last time. Select 8 hours as best practice.

  10. For Execute the Component Monitor every (minutes), specify 5 minutes as best practice (no less than 2 minutes).

  11. For Raise an alert of priority, select one of the available options according to your preferences.

  12. For Auto resolve the alert if it is no longer applicable, select After 10 minutes as best practice (no less than 5 minutes).

  13. Under the Response section, enable Run a Component and select Bitdefender GravityZone Endpoint Management [Datto Companion APP].

    img-07-datto-response-new-ui.png
  14. For Action, select one of the options:

    • Install BEST to deploy the security agent.

    • Update BEST to update security agent.

    • Start Full Scan to begin a full scan task on the selected targets.

    • Start Quick Scan to begin a quick task on the selected targets.

      For the Install  BEST option, you can configure a custom name for the installation package.

      Important

      Make sure to match the component action to the monitor action from step 3. For example, Verify Install with Install BEST or Verify Quick Scan with Start Quick Scan.

    • Configure email recipients to send out notifications when the alert is raised.

  15. Enable Send an email and configure recipients for notifications when the alert is raised.

  16. After you have finished the configuration, click Add Monitor.

  17. Under Targets, click the Add Target button and select one of the categories from the drop-down list:

    • Device Filters

    • Device Groups

    • Site Groups

    For information about target categories, refer to Filters and Groups in Datto documentation.

  18. Depending on the category, select the types of devices you are interested in and click Add. You can select multiple types of devices.

    For example, under Device Filters, select and add all machines running Windows 10, Windows 11, and Windows Server 2022.

    When finished, click X to close the selection list.

    img-06-datto-component-new.png
  19. Click Enabled to make the policy active.

  20. To apply the policy immediately, click the Save and Deploy Now button.

    To only save the policy, click the Save and Deploy Later button.

Editing policies in the old UI

To edit a monitoring policy in the old UI:

  1. Log in to Web Portal.

  2. Click Sites to open the drop-down list.

  3. Go to the Policies tab of your selected site.

  4. Click on the policy name to edit.

  5. You can edit the following elements:

    • Name

    • Targets

    • Monitors

  6. Click Save and Push Changes to save changes and apply the edited monitor policy immediately.

Editing policies in the new UI

To edit a policy in the new UI:

  1. Log in to Web Portal.

  2. Go to Policies > Monitoring and click on the name of the policy you want to edit.

  3. You can edit the following elements:

    • Name and description

    • Monitors

    • Targets

    • Policy status (enabled or disabled)

  4. To apply the policy immediately, click the Save and Deploy Now button.

    To only save the policy, click the Save and Deploy Later button.

    To discard the changes, click Cancel.

Configuring policy exclusions in the old UI

You can exclude devices individually from the monitoring policy.

To configure monitoring policy exclusions:

  1. Log in to Web Portal.

  2. Click Sites to open the drop-down list.

  3. Go to the Policies tab of your selected site.

  4. Find your monitor policy under the Site Policies section.

  5. Click icon-relay-datto.pngto view the device list.

    datto-policy-exclusions.png
  6. Select the All devices filter.

  7. Toggle the active state to exclude a device from the monitor policy.

    datto-exclusions.png

Note

Your Datto RMM account requires administrator rights to configure policy exclusions.

Configuring policy exclusions in the new UI

To exclude devices in the monitoring policy using the new UI:

  1. Log in to Web Portal.

  2. In the left-side menu, go to Policies > Monitoring.

    datto-policies-exclusions-newUI.png
  3. Select the policy to view its details.

  4. Scroll down to the Disabled Devices area and select it.

  5. Click the Edit button to select devices that you want to exclude.

    datto-excluded-device-edit-newUI.png

Note

Your Datto RMM account requires administrator rights to configure policy exclusions.