Skip to content

hardis:org:monitor:all

Description

Monitor org, generate reports and sends notifications

Command Behavior

Runs all monitoring commands on a Salesforce org, generates reports, and sends notifications.

Key functionalities:

  • Monitoring commands: Runs a default list of monitoring commands (or custom ones defined in .sfdx-hardis.yml), each producing individual notifications.
  • Non-interactive execution: Every monitoring sub-command is executed with --agent, enforcing non-interactive behavior (no user prompts).
  • AI-powered summary: When an AI provider is configured, collects all monitoring notifications and generates a consolidated executive summary using AI, sent as a single notification.
  • Weekly PPTX report: On weekly runs (Saturday by default, or when --force-all is passed, or when env var MONITORING_IGNORE_FREQUENCY=true is set), a PowerPoint report can be generated by a coding agent (Claude, Codex, Gemini, or Copilot) and attached to the summary notification.
  • Report generation toggle (disabled by default): Enable coding-agent PPTX generation with codingAgentGenerateReports: true or env var SFDX_HARDIS_CODING_AGENT_GENERATE_REPORTS=true. Requires codingAgent to be configured.
  • Frequency control: Commands can run daily, weekly, biweekly, monthly, or off. Use frequencyDay (monday..sunday) to pick the firing day for weekly/biweekly, and frequencyDayOfMonth (1-31) for monthly. Use --force-all (or env var MONITORING_IGNORE_FREQUENCY=true) to force all commands to run regardless of their configured frequency.
  • Per-channel notification routing: Each entry accepts a notifications block with severity thresholds per channel (messaging, email, api). User entries are merged by key onto the built-in defaults, so you can override only the fields you need.

This command is part of sfdx-hardis Monitoring.

Technical explanations

The command runs each monitoring sub-command sequentially with --agent and collects exit codes.

When an AI provider is available (AiProvider.isAiAvailable()), each sub-command's notifications are written to temporary JSON files via MONITORING_NOTIF_OUTPUT_DIR. After all commands complete, the notifications are collected, an AI summary is generated using the PROMPT_MONITORING_SUMMARY template, and a consolidated MONITORING_SUMMARY notification is sent.

On weekly runs, a PPTX report is generated by invoking a coding agent CLI with the PROMPT_MONITORING_PPTX_REPORT template. The agent writes a Node.js script using pptxgenjs to produce a structured 7-slide PowerPoint presentation. The PPTX file is attached to the summary notification.

Both prompt templates can be overridden by placing files in config/prompt-templates/.

You can enable coding-agent PPTX generation by defining codingAgentGenerateReports: true in .sfdx-hardis.yml or by setting env var SFDX_HARDIS_CODING_AGENT_GENERATE_REPORTS=true.

A default list of monitoring commands is used. You can extend or override it via the monitoringCommands property in your .sfdx-hardis.yml file. User entries are merged by key onto the built-in defaults, so you can override one field (e.g. frequency) without redefining the whole entry. New keys are appended as custom commands. Set frequency: off on an entry to skip it entirely.

Example (override built-in defaults + add a custom command + tune routing):

monitoringCommands:
  - key: AUDIT_TRAIL
    frequency: weekly
    frequencyDay: monday
    notifications:
      messaging: warning
      email:
        threshold: error
        recipients:
          - security@company.com
        replaceRecipients: true
      api: log
  - key: LICENSES
    frequency: monthly
    frequencyDayOfMonth: 1
  - key: ORG_LIMITS
    frequency: off
  - key: MY_CUSTOM_REPORT
    title: My Custom command
    command: sf my:custom:command
    frequency: biweekly

You can force a run of all commands regardless of their configured frequency by passing --force-all (or by setting env var MONITORING_IGNORE_FREQUENCY=true).

The default list of commands is the following:

Key Description Command Frequency
AUDIT_TRAIL Detect suspect setup actions in major org sf hardis:org:diagnose:audittrail daily
LEGACY_API Detect calls to deprecated API versions sf hardis:org:diagnose:legacyapi daily
ORG_LIMITS Detect if org limits are close to be reached sf hardis:org:monitor:limits daily
APEX_FLEX_QUEUE Detect Apex flex queue backlog sf hardis:org:diagnose:flex-queue daily
APEX_FLOW_ERRORS Detect Apex and Flow errors sf hardis:org:monitor:errors daily
UNSECURED_CONNECTED_APPS Detect unsecured Connected Apps in an org sf hardis:org:diagnose:unsecure-connected-apps daily
MFA_CONFIG Detect MFA configuration gaps in the org sf hardis:org:diagnose:mfa weekly
DEPLOYMENTS Analyze metadata deployments and validations sf hardis:org:diagnose:deployments --period weekly daily
LICENSES Extract licenses information sf hardis:org:diagnose:licenses weekly
LINT_ACCESS Detect custom elements with no access rights defined in permission sets sf hardis:lint:access weekly
UNUSED_LICENSES Detect permission set licenses that are assigned to users that do not need them sf hardis:org:diagnose:unusedlicenses weekly
UNUSED_USERS Detect active users without recent logins (All licenses, 6 months) sf hardis:org:diagnose:unusedusers --licensetypes all --days 180 weekly
UNUSED_USERS_CRM_6_MONTHS Detect active users without recent logins (CRM, 6 months) sf hardis:org:diagnose:unusedusers --licensetypes all-crm --days 180 weekly
UNUSED_USERS_EXPERIENCE_6_MONTHS Detect active users without recent logins (Experience, 6 months) sf hardis:org:diagnose:unusedusers --licensetypes experience --days 180 weekly
ACTIVE_USERS_CRM_WEEKLY Detect active users with recent logins (CRM, 1 week) sf hardis:org:diagnose:unusedusers --returnactiveusers --licensetypes all-crm --days 7 weekly
ACTIVE_USERS_EXPERIENCE_MONTHLY Detect active users with recent logins (Experience, 1 month) sf hardis:org:diagnose:unusedusers --returnactiveusers --licensetypes experience --days 30 weekly
RELEASE_UPDATES Gather warnings about incoming and overdue Release Updates sf hardis:org:diagnose:releaseupdates weekly
ORG_INFO Get org info + SF instance info + next major upgrade date sf hardis:org:diagnose:instanceupgrade weekly
ORG_HEALTH_CHECK Run Salesforce Security Health Check sf hardis:org:monitor:health-check weekly
UNUSED_METADATAS Detect custom labels and custom permissions that are not in use sf hardis:lint:unusedmetadatas weekly
UNUSED_APEX_CLASSES Detect unused Apex classes in an org sf hardis:org:diagnose:unused-apex-classes weekly
APEX_API_VERSION Detect Apex classes and triggers with deprecated API version sf hardis:org:diagnose:apex-api-version weekly
CONNECTED_APPS Detect unused Connected Apps in an org sf hardis:org:diagnose:unused-connected-apps weekly
METADATA_STATUS Detect inactive metadata sf hardis:lint:metadatastatus weekly
MISSING_ATTRIBUTES Detect missing description on custom field sf hardis:lint:missingattributes weekly
UNDERUSED_PERMSETS Detect underused permission sets sf hardis:org:diagnose:underusedpermsets weekly
MINIMAL_PERMSETS Detect permission sets with minimal permissions in project sf hardis:org:diagnose:minimalpermsets weekly

Parameters

Name Type Description Default Required Options
agent boolean Run in non-interactive mode for agents and automation
debug
-d		 boolean Activate debug mode (more logs)
flags-dir option undefined
force-all boolean Force all monitoring commands to run, regardless of their configured frequency
json boolean Format output as json.
skipauth boolean Skip authentication check when a default username is required
target-org
-o		 option undefined
websocket option Websocket host:port for VsCode SFDX Hardis UI integration

Examples

$ sf hardis:org:monitor:all

$ sf hardis:org:monitor:all --target-org myorg@example.com

$ sf hardis:org:monitor:all --force-all --agent

$ sf hardis:org:monitor:all --target-org myorg@example.com --debug