Appearance
NinjaOne Capabilities
When NinjaOne is connected, the AI agent can perform the following actions during ticket triage.
Device Information
| Tool | Description | Risk Level |
|---|---|---|
| Get Device Info | Retrieve device details including online status, OS, system info, and network identifiers | Low |
| Search Devices | Search for devices by name, device class, or online status | Low |
| Get Network Info | Retrieve network interfaces, IP addresses, and MAC addresses | Low |
| Get Logged Users | List currently logged-in users on a device | Low |
| Get Installed Software | Get installed software inventory including name, version, publisher, and install date | Low |
| Get Disk Drives | Get disk drive information including model, size, status, and SMART capability | Low |
| Get Storage Volumes | Get storage volumes including capacity, free space, and BitLocker status | Low |
| Get CPU Info | Get processor information including name, cores, clock speed, and architecture | Low |
Security and Compliance
| Tool | Description | Risk Level |
|---|---|---|
| Get Device Alerts | Get active alerts for a device including severity and source | Low |
| Get OS Patches | Get OS patches including KB number, severity, and approval status | Low |
| Get Windows Services | Get Windows services including state (Running/Stopped) and start type | Low |
Cross-Device Queries
These tools query data across all devices in your NinjaOne environment, useful for fleet-wide investigations.
| Tool | Description | Risk Level |
|---|---|---|
| Search All Software | Search software inventory across all devices | Low |
| Query Antivirus Status | Get antivirus status across all devices including product name and real-time protection | Low |
| Query Antivirus Threats | Get detected threats across all devices including threat name and severity | Low |
| Query Device Health | Get device health summary across all devices including disk health and resource usage | Low |
| Query Logged-On Users | Get all devices with their logged-on users in a single query | Low |
Script Execution
| Tool | Description | Risk Level | Approval |
|---|---|---|---|
| List Available Scripts | List scripts available to execute against a device | Low | None |
| Run Script | Execute a script on a device. Returns job information for tracking | High | Always |
| Get Script Results | Retrieve recent script execution activities with status and output | Low | None |
Script execution is classified as high-risk and always requires explicit approval. The agent will present the script details and wait for technician or manager confirmation.
Example Workflows
Diagnosing a slow computer: The agent searches for the device by hostname, checks CPU and disk info, reviews installed software for resource-heavy applications, and queries device health for resource usage alerts.
Checking patch compliance: The agent queries OS patches across the fleet, filters for unapproved patches, and correlates with active alerts to identify vulnerable devices.
Running a remediation script: The agent lists available scripts for the device, presents the options to the technician, and after approval executes the selected script. It then polls for the script result and reports back.