Manage Suspect VMs

A suspect VM is a VM that doesn't meet the operating standards for your environment. You can set the suspect state of a VM to display at-a-glance information only or to work with the Suspect Policy by setting that policy to trigger an action when an attempt to start a Suspect service is made. For example, if an attempt is made to clone a VM marked suspect, the Suspect Policy triggers actions depending on how you have the policy set up.

When you set the state of a VM to suspect, that state appears on the Details pane for the VM.

Only VMs can have the Suspect state; this state isn't supported for other service types, such as virtual services, load balancers, databases, auto scaling groups and application stacks.

  • Suspect policy and Suspect state are deprecated and will be removed in a future release.
  • The Suspect Policy changes the Suspect state for templates, but policy actions (for example, deletion) aren't performed for templates. It's possible to deploy a VM from a template in the Suspect state.

Set the Suspect state for services


Views > Inventory > Infrastructure, Applications, or Storage

Available to:

Administrator and All Operator Levels of Access Rights

  1. Select the VM either through the tree or the Virtual Machines tab.
  2. Right-click and choose Policy Enforcement > Set Suspect State.
  3. In the Set Suspect State dialog, select Suspect or Not Suspect as required.
  4. Click OK.

    The selected suspect state the service is displayed on the Details pane.

Configure the Suspect policy


Configuration > Policies

Available to:

Commander Role of Superuser and Enterprise Admin

Administrator Access Rights

Any configuration of this policy on a system-wide basis can affect all cloud accounts that are managed by Commander now and can affect all cloud accounts that are added to Commander in the future. If you don't want any cloud account to be automatically affected by this policy, configure the policy by selected infrastructure elements only.

  1. On the Configuration page, click Add.
  2. In the Policy Configuration dialog, select Suspect from the list of policies, then click Next.
  3. On the Policy Name/Description page, enter a name (for example, "Suspect Policy for Production"), an optional description, then click Next.
  4. On the Choose a Target page, expand the Infrastructure tree if required, select the infrastructure elements to which you want the policy to apply, then click Next.

    You can't select a folder as a target.

  5. On the Configure the Policy page, do the following:
    • To configure the policy but keep it turned off until you are ready to enable it, make sure Enable policy is cleared.
    • From the Take Action menu, select from the options.

      When you click:

      After you enable the policy and if the policy is triggered, the result is:

      Notification Only

      No action is taken. An alert is created, notifying you that the policy has triggered. See also Subscribe to Policy Alerts.


      The VM is quarantined if the policy is triggered.

      Note: If you include this action in a policy targeting services in a cloud account other than vCenter, the action will fail.


      The VM is suspended (saved in its current state).

      Not supported for VMs in public cloud accounts. If you include this action in a policy targeting services in a public cloud account, the action will fail.


      The Guest OS is shut down.

      Remove from Inventory

      The VM is removed from inventory. Note that the file remains in the datastore.

      Note: If you include this action in a policy targeting services in a cloud account other than vCenter, the action will fail.

      Delete from Disk

      The service and its associated files are deleted permanently from disk. No other options can be carried out on this service after it's deleted.

      When you delete a VM or template from disk, the files are permanently deleted. They can't be recovered unless you have a backup copy.

      When all VMs are deleted from a virtual service through a policy action (that is, when VMs are deleted by a policy action or by a command workflow attached to an expiry policy), the empty virtual service isn't automatically deleted unless it too is targeted by policy.

      Run [Workflow]

      Existing command workflows appear for selection, organized by target type. If the policy is triggered, the selected workflow is run.

      You must choose a workflow with a target type that matches the target of the policy; otherwise, the workflow will fail. For example, if the selected workflow's target type is "VM", the workflow will fail if the policy targets a database. A workflow with a target type of "Any Inventory Type" can be run on all service types.

    • Click Add Workflow to set up a new command workflow.

    • Decide whether to allow children of the targets to have their own instance of the policy and disable this setting if desired.

      If you enable this option, other instances of this policy can be applied to any infrastructure elements and services that are children of the parent infrastructure element you have selected (an override).

  6. On the Summary page, if you have enabled the policy and as a result, any services will immediately be affected by it, Commander displays the number of affected services.
  7. Click Finish.