Trigger Types
| Type | Description | Use Case |
|---|---|---|
cron | Time-based scheduling | Daily/weekly scans |
event | Event-driven execution | React to discoveries |
watch | File change detection | Process new data |
manual | On-demand only | Placeholder trigger |
CLI Quick Start
The fastest way to set up scheduling, queuing, and webhooks — no YAML required.Schedule a Recurring Scan (--as-cron)
Create a cron schedule directly from the run command:
Queue a Run for Later (--queue)
Queue a run for deferred processing instead of executing immediately:
queued. Process them with:
Register a Webhook Trigger (--as-webhook)
Create a webhook URL that triggers a run on demand:
enable_trigger_via_webhook: true in osm-settings.yaml and a running server.
Queue Management
Full control over queued tasks via theosmedeus worker queue subcommands.
List Queued Tasks
Create Queued Tasks
An alternative to--queue on osmedeus run:
Process Queued Tasks
BRPOP for lower latency.
Server-Side Queue Polling
The server (osmedeus serve) automatically polls for queued tasks every 30 seconds. Disable with:
Webhook Management
List Registered Webhooks
Triggering Webhooks
Webhooks can be triggered via GET or POST:| Field | Description |
|---|---|
target | Override the target |
flow | Override with a flow workflow |
module | Override with a module workflow |
Authentication
If a webhook was registered with--webhook-auth-key, the key must be provided as a query parameter:
401 Unauthorized response.
Webhook Configuration
Webhook triggering must be enabled inosm-settings.yaml:
Server Flags
Relevant flags forosmedeus serve:
| Flag | Description |
|---|---|
--no-schedule | Disable the cron/watch/event scheduler |
--no-queue-polling | Disable background queue task polling |
--no-event-receiver | Disable automatic event receiver |
--no-hot-reload | Disable config hot reload |
Cron Triggers
Execute workflows on a schedule using cron expressions.Workflow Definition
Cron Expression Format
Common Schedules
| Expression | Description |
|---|---|
0 * * * * | Every hour |
0 2 * * * | Daily at 2 AM |
0 0 * * 0 | Weekly on Sunday |
0 0 1 * * | Monthly on the 1st |
*/15 * * * * | Every 15 minutes |
0 9-17 * * 1-5 | Hourly 9-5 weekdays |
Event Triggers
Execute workflows in response to events.Workflow Definition
Event Topics
Topics support glob patterns for flexible matching:| Topic | Description |
|---|---|
run.started | Workflow run started |
run.completed | Workflow run completed |
run.failed | Workflow run failed |
step.completed | Step completed |
assets.new | New asset discovered |
vulnerabilities.new | New vulnerability found |
Event Filters
JavaScript expressions to filter events:filter_functions:
Event Input Mapping
Two syntaxes are supported: New exports-style syntax (recommended):Event Template Variables
Event-triggered workflows have access to these template variables:| Variable | Description |
|---|---|
{{EventEnvelope}} | Full JSON event envelope |
{{EventTopic}} | Event topic |
{{EventSource}} | Event source |
{{EventDataType}} | Data type |
{{EventTimestamp}} | Event timestamp |
Watch Triggers
Execute workflows when files change. Uses fsnotify for instant inotify-based file system notifications.Workflow Definition
Watch Configuration
| Field | Type | Description |
|---|---|---|
path | string | Directory or file path to watch |
debounce | string | Optional debounce duration (e.g., “500ms”, “1s”, “2s”) |
Debounce
When files are modified rapidly (e.g., during a write operation), multiple events may fire. Usedebounce to consolidate rapid changes into a single trigger:
Watch Events
| Event | Description |
|---|---|
create | New file created |
modify | File modified |
delete | File deleted |
rename | File renamed |
API Management
List Schedules
Create Schedule
Enable/Disable
Trigger Manually
Delete Schedule
Webhook API Endpoints
List registered webhooks (authenticated):webhook_auth_key is set):
Combined Triggers
A workflow can have multiple triggers:Event Emission
Emit events from workflows:Database Storage
Schedules are stored in the database:Best Practices
- Use descriptive trigger names
- Start with disabled triggers during testing
- Set reasonable intervals to avoid overload
- Use event filters to reduce noise
- Monitor trigger execution via event logs
- Combine with distributed mode for scale
Troubleshooting
Schedule not running
Events not triggering
Watch not detecting changes
Next Steps
- Distributed Execution - Scale with workers
- Server CLI - Server setup
- API Overview - Schedule endpoints