Setting up hierarchical policies

Suitable for simple MSP environments

Manish Balaji avatar
Written by Manish Balaji
Updated over a week ago

Hierarchical policies are suitable for clients with a simple environment. It lets you create a policy set for an asset class that can be overridden at a client, site, or device level. In the policy set, you can configure both alerts and patch management for both Windows and Mac assets.

📝 Note: The same set of steps can be repeated to create different policy sets at the client, site, and device level by choosing the hierarchy.

To set a new hierarchical policy:

Navigate to Settings > Asset Management > Policy Management and select a Mac or a Windows policy.

Alert Management

  1. You can set up rule-based alerts in the alert management tab to notify you of important events in the client’s machine. You can also use intelligent alerts to create AI-powered alerts for hardware and performance monitoring to create intelligent, contextual alerts.

    💡SuperTip: Alerts have been categorized into Hardware and performance monitoring, Process Service Monitoring, Event log monitoring and General monitoring to help you better visualize the list of alerts and reduce clutter in the number of conditions while setting them up.

  2. To create an alert, open the alert management tab and click the +Policy button. Once you click ‘+Policy’, give it a name, conditions to scan, and necessary actions to be taken.

You can edit an existing policy by selecting it. For example, if disk space is greater than 95% for 2 hours, run a script to delete temp files and create an alert with a specific severity.

📝 Note: You can also specify a cool-off period. This cool-off period reduces noise by preventing repeated alerts for the same condition. Only one alert is generated during the cool-off period. The alert will be reset after a specific time period or if the alert condition (e.g. CPU usage is more than 95% for 2 hours) is not met anymore for the last X mins.

💡SuperTip: In addition to creating an alert or running a script, a ticket can be created from the policy as well as an email can be sent to a specific technician if the conditions match.

Additionally, an alert can be moved as ticket manually from the alert list page as well. To do that, hover near the checkbox corresponding to the alert that needs to be moved as a ticket. Right click on the spanner icon and select Convert alert into a ticket. The alert will then be moved to tickets tab.

Patch management

To create patch schedules:

  1. Turn on patch management by toggling the switch in the right corner.

  2. Click Schedule to create deployment schedules for the patches. And choose conditions to filter based on the category and severity of the patches.

    💡SuperTip: It is possible to create multiple deployment schedules with different conditions.

  3. Select approval configurations based on the patch category. This will define if approval has to be sent before deploying a particular patch.

  4. Select reboot options for when the user is logged in and logged out and click ‘Save’.

Scheduled Actions

Scripts can be scheduled to execute at a specific time, say once a week or once a month to avoid manual work. These can be configured to execute on a global, client, site or individual asset level. In addition to default scripts, custom scripts can also be created and selected from the dropdown.

💡 SuperTip: You can use scheduled actions to deploy AV or backup agents and run regular checks.


If you have integrated with any antivirus tools such as Webroot, you can enable the integration to auto-install on all devices.

You can also create group-based asset policies, click here to know more.

Did this answer your question?