Jobs
Overview
The Jobs page displays the history and status of all hardening jobs executed in the system. Hardening jobs apply CIS benchmark configurations to hosts to improve their security posture.
Navigation
Menu: Infrastructure > Jobs
Page Layout
Toolbar
| Button | Description |
|---|---|
| Refresh | Manually reload the job list |
The page shows “Auto-refresh every 10 seconds” indicator.
Jobs Table
| Column | Description |
|---|---|
| Host | Target server hostname (resolved from host ID) |
| Profile | CIS profile used (e.g., cis-level1-server, cis-level2-server) |
| Status | Current job status with warning icon if error exists |
| Duration | Time taken to complete (in seconds) |
| Started At | Job start timestamp |
| Completed | Job completion timestamp |
| Actions | View Output button |
Pagination
- Default page size: 50 items
- Available sizes: 20, 50, 100, 200, 500 items per page
- Shows range indicator (e.g., “1-50 / 127”)
Job Statuses
| Status | Color | Description |
|---|---|---|
| pending | Gray | Job is waiting to be picked up by worker |
| queued | Blue (processing) | Job is queued for execution |
| running | Blue | Job is currently executing |
| completed | Green | Job finished successfully |
| failed | Red | Job encountered an error |
Error Indicator
When a job has an error message, a warning icon (yellow/red) appears next to the status tag. Hover over the icon to see the error message.
Viewing Job Details
Click the View Output button on any job row to open the details modal:
Details Modal Contents
| Field | Description |
|---|---|
| Job ID | Full unique job identifier (UUID) |
| Host | Target server hostname |
| Profile | CIS profile used for hardening |
| Status | Current status with color tag |
| Priority | Job priority level |
| Created | Job creation timestamp |
| Started At | When the job started executing |
| Completed | When the job finished |
| Duration | Execution time in seconds |
| Error | Error message if job failed (displayed in red box) |
| Ansible Output | Full Ansible playbook execution log |
| Result | Job result data (if available) |
Ansible Output
For completed or failed jobs, the Ansible Output section shows the full playbook execution log:
PLAY [Apply CIS Hardening] *****
TASK [Gathering Facts] *****
ok: [192.168.1.10]
TASK [section1 : Ensure mounting of cramfs filesystems is disabled] *****
changed: [192.168.1.10]
...The output shows:
- Each task executed
- Status (ok, changed, failed, skipped)
- Any error messages or warnings
The output panel supports scrolling and has a maximum height of 400px.
Auto-Refresh
The Jobs page automatically refreshes every 10 seconds to show updated job statuses. This allows you to monitor job progress in real-time without manually refreshing.
Job Workflow
1. Job Creation
Jobs are created when:
- User clicks Harden on a host (Hosts page)
- User clicks Bulk Harden for selected hosts
- A schedule triggers automatically (Schedules page)
- Quick Fix is initiated from compliance scan results
2. Job Queuing
New jobs enter the pending state and are added to the job queue.
The worker process picks up jobs from the queue based on priority.
3. Job Execution
The worker:
- Connects to the target host via SSH
- Runs the Ansible hardening playbook
- Applies CIS configurations based on the selected profile
- Records the output and results
4. Job Completion
Jobs complete with one of two outcomes:
Success (completed):
- All tasks executed without critical errors
- Host configuration was modified
- Run a new compliance scan to verify improvements
Failure (failed):
- An error prevented completion
- Check the error message and Ansible output
- Common causes: SSH connectivity, permissions, package conflicts
Understanding Profiles
CIS Level 1 - Server
Basic hardening suitable for most server environments:
- Disables unnecessary services
- Configures basic security settings
- Minimal impact on functionality
CIS Level 2 - Server
Comprehensive hardening for high-security environments:
- All Level 1 controls
- Additional restrictions
- May impact some applications
CIS Level 1 - Workstation
Basic hardening for workstation systems.
CIS Level 2 - Workstation
Enhanced hardening for workstation systems.
STIG Server/Workstation
DISA STIG compliance profiles for server and workstation systems.
Error Handling
Common Errors
| Error | Cause | Solution |
|---|---|---|
| SSH connection failed | Host unreachable | Check network connectivity and SSH credentials |
| Permission denied | Insufficient privileges | Ensure SSH user has sudo access |
| Package not found | Missing dependencies | Install required packages on host |
| Service failed to start | Configuration conflict | Review Ansible output for details |
| Connection timeout | Network issues | Check firewalls and network connectivity |
Viewing Error Details
- Find the job with the warning icon in the Status column
- Hover over the warning icon for a quick preview
- Click View Output for full details
- Review the Error field in the modal
- Search for “FAILED” or “error” in the Ansible Output
Job Priority
Jobs have a priority field that affects execution order:
- Higher priority jobs are executed first
- Priority is set when creating the hardening job from the Hosts page
- Default priority levels: Lowest, Low, Normal, High, Critical
Canceling Jobs
Currently, jobs cannot be canceled once started. The job will run to completion or failure.
For long-running jobs, you can:
- Wait for completion
- Check the worker logs for progress
- Contact an administrator if the job appears stuck
Best Practices
Before Running Jobs
- Backup: Ensure host has recent backups
- Test: Run a compliance scan first to understand current state
- Schedule: Run during maintenance windows
- Communicate: Inform affected users
After Job Completion
- Verify: Run a compliance scan to confirm improvements
- Test: Verify applications still function correctly
- Document: Record changes made
Monitoring
- Check Jobs page daily for failed jobs
- Investigate failures promptly
- Track compliance improvement over time
- Use the auto-refresh feature to monitor running jobs
Related Pages
- Hosts - Starting hardening jobs
- Compliance Scanning - Verifying results
- Schedules - Automating jobs
- Hardening - Detailed hardening information