Hello there,

Recently we discovered that we had numerous agents going offline randomly in Automox and we wanted to find a way to try to revive those endpoints remotely without having the team on the ground go to each endpoint individually.

We have another service running on our endpoints that could also run Powershell/Bash scripts depending on OS and would run similarly as SYSTEM/Root user.

We made use of this and came up with a script so that endpoints that were still online via this service and not in Automox could be fixed remotely. We’ve seen it work pretty successful thus far and wanted to share in case you might have need of it too.

You could also run this script locally too to revive if you don’t have another service.

All you need to change in the script is the cURL (with Access Key) which you can retrieve from Automox console.

UPDATE: 15th Feb 2020. Added 2 additional functions to check if the service is running and whether there has been an established TCP connection by the agent as a way to determine working agents in case you want to just run the script against all of your endpoints.

#!/bin/bash


PATH=$PATH:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/sbin


export PATH





#function to remove the agent files


#Deregistering will throw sudo: /usr/local/bin/amagent: command not found error if amagent file is not on system.


#This will cause a duplicate entry in Automox when it reinstalls so you will need to remove the old entry in Automox


remove_agent() {


	echo "Removing agent remnants..."


	launchctl bootout system /Library/LaunchDaemons/com.automox.agent.plist


	/usr/local/bin/amagent --deregister


	rm -f /usr/local/bin/amagent


	rm -rf "/Library/Application Support/Automox/"


}





#function to install the agent


install_agent() {


	curl -sS "Automox CURL URL from Console" | bash


	launchctl bootstrap system /Library/LaunchDaemons/com.automox.agent.plist


	echo "Agent Installed"


}





#function to check if agent files are there


check_agent() {


	if 	i -f "/usr/local/bin/amagent" ]] ||  | -f "/Library/LaunchDaemons/com.automox.agent.plist" ]] ||  | -d "/Library/Application Support/Automox" ]]; then


		echo "Agent remnants found..."


		remove_agent


		install_agent





	else


		echo "Agent not found..."


		install_agent


	fi


}





#function to check if Automox agent has an active connection


check_connection() {


	estb=$(lsof -i -n -P | grep TCP | grep amagent | grep "ESTABLISHED")


	svcrun=$(launchctl list | grep automox)


		if 	i -z $estb ]] && mp -z $svcrun ]]; then


			echo "No connection found and service is not running"


			check_agent


		else


			echo "Automox has an established connection"


			exit 0


		fi


}





#function to check if Automox agent is running


check_service() {


	svcrun=$(launchctl list | grep automox)


		if 	i -z $svcrun ]]; then


			echo "Service not running."


			launchctl bootstrap system /Library/LaunchDaemons/com.automox.agent.plist


			check_connection


		else


			check_connection


		fi


}


			





check_service