A remediation might require a full system reboot in order for the patch or update to take effect. Occasionally, a remediation might even require a second reboot.

As a Windows administrator, to determine if an advisory or minion requires a reboot as part of a remediation, first run an assessment.
Note: Rebooting as part of remediaton only applies to Windows minions.
Then to determine whether a reboot is needed:
For Refer to
Advisory On the Advisories tab of the policy dashboard, check the Install Behavior column for the advisory's status:
  • Never requires reboot - The advisory does not require a reboot when it is remediated.
  • Always requires a reboot - The advisory always requires a reboot when it is remediated.
  • Can require reboot - The advisory could possibly require a reboot under certain conditions as part of remediation.
  • (-) - The null value. This displays for Linux minions. Detecting whether a reboot is required is not supported for Linux minions.
Minion On the Minions tab of the policy dashboard, check the Needs Reboot column for the minion's status:
  • false - The minion either does not need a reboot for remediation or the minion has successfully rebooted.
  • true - The status is true if:
    • The minion needs a reboot and a reboot has not been started.
    • The minion is currently rebooted and has not yet finished rebooting.
    • The minion has rebooted but it will need a second reboot to apply additional changes.

If you detemine your system or minion needs a reboot follow these steps:

Procedure

  1. On the Minions tab of the policy dashboard, click the checkbox next to a minion that shows true in the Needs Reboot column.
  2. Click Run Command.
  3. In the Function menu, select the system.reboot command.
  4. In the Arguments field, add the necessary arguments.
    • For Windows nodes, the system.reboot command needs two arguments: timeout and in_seconds. Set the first argument to 0 and the second argument to true. See the win_system.reboot module documentation for more information about these arguments.
    • For Linux nodes, the system.reboot command takes one argument: at_time. See the system.reboot module documentation for more information about these arguments.
  5. (Optional) If you want to schedule a reboot for a specific time, create a job that reboots the minion and then set that job to run at a scheduled time. See Automation Config jobs workflow for more information.
  6. Click Run Command to run this command on the select minion.

Results

After initiating a reboot, the minion might take several minutes to reboot and come back online.

To check whether the minion is back online after a reboot, refresh the Minions tab in the Vulnerability workspace and check the minion’s presence. See Minion presence for more information.

What to do next

After rebooting a minion as part of a remediation, you must run another assessment to verify the remediation was successful.