Policy Engine
Define if‑this‑then‑that rules that continuously enforce how your fleet should look — a condition to watch for, and what DashX should do when it's met.
Create a policy
- Go to Automation → Policy Engine → New Policy.
- Name the policy (e.g.
PCI‑DSS Baseline,Weekly Security Patches) and add a description. - Add rules — each is a when/if condition and its expected value:
- Rule name (e.g.
SSH root login). - The condition to evaluate and the expected value.
- Scope — which devices it applies to (e.g.
production).
- Rule name (e.g.
- Save and enable it.
What it does
DashX evaluates enabled policies against the fleet and flags (or acts on) devices that don't match — turning "we should always…" into something enforced rather than remembered.
tip
Model your compliance baselines here (patch cadence, forbidden services, required config) so drift is caught by policy, not by luck. Pair with Drift Detection for the historical view.