Assign Devices to a Monitoring Policy

GUIDEIMPLEMENTATIONMONITORINGOPENFRAME

Phase 4 — Monitoring & Policies · Step 4

Section

June 19, 2026

Published

Vladislav Marchenko

Vladislav Marchenko

Head Of Marketing

Assign Devices to a Monitoring Policy

Phase 4 — Monitoring & Policies · OpenFrame Onboarding

A policy or query only does something once it's pointed at devices. The device selector is the same on both the Add/Edit Policy and Add/Edit Query screens, so learn it once and it works everywhere. This guide covers picking devices, filtering by tag, and bulk-adding.


Before you start

  • You're in the Devices section of a policy or query you're creating or editing (Monitoring → Policies/Queries → Add or Edit → scroll to Devices).
  • Devices need the Fleet/osquery agent to be evaluable. The picker flags machines where the agent isn't installed.

The two targeting modes

At the top of the Devices section you'll see two options:

  • Select Specific Devices — choose individual machines to include. This is the mode available today.
  • Select Devices by Criteria"automatically include all devices (current and future) that match your defined criteria." This is marked COMING SOON — when it ships, it'll let a policy auto-cover, say, "all Windows servers" without re-editing as devices come and go. For now, use specific selection.

Picking devices

The picker shows a table of Available Devices (and a Selected Devices (N) view of what you've chosen), with DEVICE, CUSTOMER, OS, and STATUS columns plus each device's last-online time.

  • Tick the devices you want to include.
  • Switch to the Selected Devices view to review exactly what's in scope.
  • Machines that read "Fleet agent is not installed" can be selected but won't return results until the agent is healthy — so confirm agent status first for anything important.

Filtering by Device Tags

This is the fast way to target a group. Click Device Tags to filter the picker down to machines carrying the tags you choose (the tagging scheme you set in Organize Devices with Device Tags, Phase 2). Filter to, say, Type: server, then add what's shown.

Note on tag targeting: filtering by tag narrows the picker so you can add the right machines quickly — but the selection is still a snapshot of those devices. Automatic, always-on tag/criteria targeting (where new matching devices join the policy on their own) is the Coming Soon "Select Devices by Criteria" mode. Until then, if you add devices later, revisit the policy to include them.


Bulk assignment

  • Add All Devices adds everything currently shown in the picker. Combine it with the Device Tags filter for a quick "all servers" or "all Windows" assignment: filter first, then Add All.
  • For a fleet-wide baseline check (e.g. encryption on), filtering off and Add All Devices assigns the whole fleet at once.

Save and verify

Save the policy or query. Then confirm the assignment took:

  • On a policy, the detail page's Devices table lists each assigned machine with PASSING/FAILING.
  • On a query, results start flowing from the assigned devices on the next scheduled run.

If a device you expected is missing, re-open the editor — it was likely filtered out of the picker (wrong tag, or agent-not-installed) when you saved.


Quick checklist

  • Used Select Specific Devices (auto criteria targeting is Coming Soon)
  • Filtered by Device Tags to find the right group fast
  • Used Add All Devices for bulk assignment where appropriate
  • Confirmed agent-installed status for important machines
  • Saved and verified the device list on the policy/query

What's next

With checks scoped to the right machines, the last piece is acting on failures — Understanding Alerts — Triage & Resolution walks the lifecycle from a device going non-compliant to getting it fixed.


Based on OpenFrame v0.9.19. "Select Devices by Criteria" is a roadmap item — re-check the console before treating tag auto-targeting as available.

Vladislav Marchenko

Head Of Marketing

Hi all! My name is Vlad and I’ve been brought on to head the marketing team at Flamingo. Thankfully, this isn’t the first time I will be building a marketing department from scratch, so the experience should come in handy. Now it’s time to dive into the world of MSPs and find myself in this new world.

More in Phase 4 — Monitoring & Policies

Related Content

Product Releases

Webinars

Case Studies

Blog Posts

Frequently Asked Questions

MSP AI Agents

Yes. In production MSP shops today, 10% to 25% of tickets close before a human opens them. Thread alone has processed 173 million tickets across 750-plus MSP partners at 96% triage accuracy, handing back 490,000-plus technician hours. Agents own the low-risk, high-volume work (password resets, MFA enrollment, known installs, onboarding and offboarding) and flag anything that touches production data or needs judgment for a human to take.
On a five-person desk, reported deployments show $78,000 to $130,000 in annual direct labor savings, roughly 30% fewer escalations, and 15% to 20% better SLA compliance. Broader MSP adoption data adds ticket handling time cut by 45% and five to 12 points of margin, all from reclaimed capacity rather than headcount cuts.

About OpenFrame

OpenFrame isn't built to plug into your stack. It replaces it. Instead of duct-taping a dozen tools together (RMM, MDM, SIEM, patching, remote access, each its own login and bill), we bundle it into one unified platform: RMM, MDM, monitoring, automation, remote access, patch management, security monitoring, and ticketing, plus built-in AI copilots. So "does it integrate with X?" usually means: you won't need X anymore.
Most platforms give you one piece and expect you to bolt the rest on. OpenFrame unifies the whole stack in one place, with AI copilots built in. Fewer logins, fewer bills, less duct tape.

Zabbix for MSPs

Yes. Zabbix is open source under GPLv2 with no license fee, no per-device pricing, and no paywalled features. You can monitor unlimited hosts at zero software cost. The real expense is the infrastructure to host it and the engineering time to configure and maintain it.
The main drawbacks are a steep learning curve, no built-in multi-tenancy or client portal, and self-managed maintenance. Upgrades, database scaling, and security all fall on your team. Zabbix rewards technical staff and frustrates anyone expecting a turnkey, plug-and-play monitoring product.

Log Aggregation

Yes. Self-hosted Loki is free and open source under the AGPLv3 license, so you pay only for the infrastructure you run it on. Grafana Cloud is the paid, managed option, starting at $0.45 per GB of logs ingested with 50 GB free each month.

Prometheus Monitoring

Yes. Prometheus is open source under the Apache 2.0 license, with no seat fees, per-device pricing, or contracts. The license costs nothing, but you pay in the server hardware, storage, upgrades, and engineering hours needed to run it across client environments.

Netdata Monitoring

Netdata is an open-source infrastructure monitoring platform that collects per-second metrics from servers, containers, and applications. An agent installs on each host, auto-discovers metrics, and builds real-time dashboards, while Netdata Cloud ties multiple agents together for fleet-wide visibility and alerting.

AI Infrastructure

Threshold monitoring fires alerts when a metric crosses a fixed line, regardless of context. Predictive monitoring learns each system's normal behavior and flags deviations early, catching slow failures like memory leaks weeks before a static threshold would trip.