Cron Job to Restart Automox Agent Nightly

What the nightly agent restart does

This Automox Worklet™ creates a cron job that automatically restarts the Automox agent service on Linux endpoints every night at 3:30 AM. The Worklet first checks whether the cron job already exists on the endpoint. If the job does not exist, the Worklet creates it.

The cron job includes a built-in safety check that prevents the restart if the agent is currently executing tasks. The job looks for execDir files in /var/lib/amagent/ and skips the restart if any are found. This maintains that the Worklet does not interrupt ongoing remediation or evaluation jobs.

Once installed, the cron job runs automatically without further intervention. You can manually modify the scheduled time in the cron configuration if needed, though you must remove the old entry before creating a new one.

Why schedule regular agent restarts

The Automox agent is a long-running process that can accumulate memory usage, file handles, and connection pools over extended periods. Regular restarts clear these resources and help the agent maintain optimal performance. Periodic restarts also allow the agent to reload its configuration and pick up any updates from the Automox console.

Scheduling restarts during off-hours (like 3:30 AM) minimizes impact on your IT operations. The endpoint continues to report status to Automox after each restart, so you maintain visibility and can continue running other Worklets. Without regular restarts, long-running agents may eventually require manual intervention or cause endpoints to appear unresponsive.

This Worklet is particularly valuable for organizations managing thousands of Linux endpoints, where manual agent maintenance becomes impractical. Automating the restart process maintains consistency across your infrastructure and reduces the burden on your IT operations team.

How the nightly restart job works

1. Evaluation phase: The Worklet checks the existing crontab entries for an entry containing "service amagent restart". If the entry exists, the evaluation completes successfully and no remediation is needed. If no entry is found, the evaluation fails and triggers remediation.

2. Remediation phase: The Worklet creates a new cron job using the format "30 3 * * * /bin/bash -c 'ls /var/lib/amagent/execDir* &>/dev/null || service amagent restart'". This command runs at 3:30 AM every day, checks for running tasks, and restarts the service only if no tasks are executing.

Agent restart job requirements

• Linux endpoints with the Automox agent installed

• Root or sudo access to create and manage cron jobs

• Bash shell available on the endpoint

• Cron service enabled and running

• No restrictions on modifying the user's crontab

Expected agent behavior after restart configuration

After the Worklet runs successfully, the cron job will be installed and active on the endpoint. You can verify this by checking the crontab with the command "crontab -l" and confirming that the restart entry is present. The agent will continue normal operations immediately after the Worklet completes.

Each night at 3:30 AM, the cron job will check for active tasks and restart the agent if no tasks are running. You will not see any console notifications for the automatic restart, but the agent will reconnect to the Automox console shortly after. If you need to change the restart time, you must manually edit or remove the cron entry and run the Worklet again with your desired schedule.

How to validate restart automox agent changes

1. Run this Worklet on a pilot Linux endpoint and review evaluation output for restart automox agent.

2. Confirm Automox activity logs show successful completion and exit code 0.

3. Verify endpoint state using checks aligned to evaluation script logic, such as exit, else.

4. Validate remediation effects from script operations such as exit, else, then rerun evaluation for compliance.