We’ve been getting this question with Policy Inheritence now rolled out, users want to know how to locate all the assets using a specific policy. This was something that used to be available but has gone away as assets are not using one single policy anymore- but multiple modules. Depending on how your policies are named/organized it may be a little tricky to find so I figured I’d pass on this advice.
The Asset Activity Audit (Admin > Reports) can be used to see which assets have been on which policies, where they were moved to etc. You can look at everything, specific assets, customers, and include timeframes if you want.
If you have feedback on this feel free to let us know in this thread (keep it kindly constructive of course!) Use cases are also great, an example of this would be that you want to delete a policy but it won’t let you if assets are on it, and you don’t know what assets are using it. Also if anyone finds the report does not get them what they need, let us know your case there too.
Is there a way to generate some sort of inventory tied to the policies. Just a count of the number of assets using a particular policy so it can be deleted as the PI policies are being organized and cleaned up.
No way currently to see what assets are affected by a policy or how many, only the historical data outline above. Major missing functionality.
The method noted in the OP will work, particularly if you are using this exclusively for cleaning up your policies as a result of PI’s additional power. This seems to be the primary use case for this request.
I was hoping for some type of report so I could immediately delete any policies that were no longer in use. Right now I am just going through things client by client as I have the time.
There is no report currently. I will add that you can’t accidentally delete a policy that is currently in use, though.
True. I will take another look at your initial post but when I worked through it the first time it did not seem to be very intuitive to me in determining what devices were using what policy so I could concentrate on getting them out of the policy, into the new system.
As others have noted, the primary goal for most people is to do policy cleanup. More specifically, they want to know where policies are assigned, so they can change the assignment and safely remove the policy. Since policies are now assigned to policy folders (not assets), we need to know which policy folders they’re assigned to.
The solution presented by the OP is a crude workaround that lists the assets a policy affects. However, this is not what we need. Listing assets affected by a policy would be nice to have, but not a required feature.
I’ve posted a feature request to Add a “View Assignments” button to the Policies page, which contains a more detailed description of why the solution proposed here is ineffective, and what’s necessary to effectively manage policy inheritance in an environment with more than a handful of customers and assets.
Policy Inheritance is huge step forward! Thanks to everyone on the Syncro team for their hard work and making it a reality.
I agree. I just tried to go through using the workaround and it is confusing at best. And of course the longer it has been the worse it is. I am just going to go through company by company and do it that way. Maybe I will be finished by the end of the year.
We’re looking at ways to improve this, particularly for folks looking to to do some cleanup for old policies that are no longer needed due to PI.