Relevance to exclude action from executing if application is running?

(imported topic written by snoczp91)

Is anyone using relevance to prevent a patch action from executing when a specific application is running - say Powerpoint for example? If so, how are you doing it?

Trying to be sure we do not have a BigFix dialogue window pop up while someone is giving a presentation or the like.

Thanks.

(imported comment written by nberger91)

Add a (not exists running application “POWERPNT.EXE”) statement under the applicability tab.

(imported comment written by snoczp91)

That works to exclude an action from executing if Powerpoint is running, but the system does not seem to re-evaluate as relevant later on when Powerpoint is not running, which would be the desired outcome.

(imported comment written by jeremylam)

You can put similar relevance in the first line of the action:

continue if {(not exists running application “POWERPNT.EXE”)}

and use the reapply options in the take action dialog to automatically apply the action if it fails (when Powerpoint is indeed open).

(imported comment written by snoczp91)

Thanks Jeremy.

The action didn’t fail on 1st attempt, it just evaluated the machine is not relevant.

(imported comment written by jeremylam)

You can check if the application is running in either the Fixlet relevance, Fixlet action, or both.

If you put it in the Fixlet relevance, depending on the delay between when the computer reports back and when the action is taken, it may return non-relevant, or it may not be relevant at all to run the action. This may be a problem if this Fixlet is used as a visibility measure (ie: the Fixlet will switch back and forth from relevant to non-relevant even if the action has not been run).

If you put the check in just the action, the Fixlet will always be relevant regardless of the application state, but it will return “Failed” if the action just happens to start running when the application is open. This is good for visibility (you will always know that the action needs to be run on this computer, for example if it’s a required security patch) but you don’t know exactly when the action will complete and you may get lots of failed actions.

If you put the check in both, you get the negatives of both, but you are more assured that the action will not run when the application is open.

There are tradeoffs in behavior, but I generally prefer putting the check into the action only - you always know the state of the endpoint and the action. And preferably you wouldn’t be running any action that would interrupt the user, or set the action to only run if there is no logged on user.