How do I reboot a minion as part of remediation

A remediation might require a full system reboot in order for the patch or update to take effect. Occasionally, a remediation might even require a second reboot.
As an administrator, to determine if an advisory or minion requires a reboot as part of a remediation, first run an assessment.
Then to determine whether a reboot is needed:
For
Refer to
Advisory
On the Advisories tab of the policy dashboard, check the Install Behavior column for the advisory's status:
  • Never requires reboot - The advisory does not require a reboot when it is remediated.
  • Always requires a reboot - The advisory always requires a reboot when it is remediated.
  • Can require reboot - The advisory could possibly require a reboot under certain conditions as part of remediation.
  • (-) - The null value. This displays for Linux minions. Detecting whether a reboot is required is not supported for Linux minions.
Minion
On the Minions tab of the policy dashboard, check the Needs Reboot column for the minion's status:
  • false - The minion either does not need a reboot for remediation or the minion has successfully rebooted.
  • true - The status is true if:
    • The minion needs a reboot and a reboot has not been started.
    • The minion is currently rebooted and has not yet finished rebooting.
    • The minion has rebooted but it will need a second reboot to apply additional changes.
If you detemine your system or minion needs a reboot follow these steps:
  1. On the
    Minions
    tab of the policy dashboard, click the checkbox next to a minion that shows true in the
    Needs Reboot
    column.
  2. Click
    Run Command
    .
  3. In the
    Function
    menu, select the
    system.reboot
    command.
  4. In the
    Arguments
    field, add the necessary arguments.
    • For Windows nodes, the
      system.reboot
      command needs two arguments:
      timeout
      and
      in_seconds
      . Set the first argument to 0 and the second argument to true. See the win_system.reboot module documentation for more information about these arguments.
    • For Linux nodes, the
      system.reboot
      command takes one argument:
      at_time
      . See the system.reboot module documentation for more information about these arguments.
  5. (Optional) If you want to schedule a reboot for a specific time, create a job that reboots the minion and then set that job to run at a scheduled time. See the
    Overview of the jobs workflow
    in Using jobs in Automation Configfor more information.
  6. Click
    Run Command
    to run this command on the select minion.
After initiating a reboot, the minion might take several minutes to reboot and come back online.
To check whether the minion is back online after a reboot, refresh the
Minions
tab in the Vulnerability workspace and check the minion’s presence. See
Minion presence
in Using the Targets workspacefor more information.
After rebooting a minion as part of a remediation, you must run another assessment to verify the remediation was successful.