Troubleshooting Asset

To collect and send information to Tanium for troubleshooting, collect log and other relevant information.

Collect logs

The information is saved as a compressed ZIP file that you can download with your browser.

  1. From the Asset Home page, click Help .
  2. Click Collect. When the ZIP file is ready, you can download the tanium-asset-support-[timestamp].zip file to your local download directory.
  3. Attach the ZIP file to your Tanium Support case form or send it to your TAM.

Update service account log level

  1. From the Asset Home page, click Settings , then the Advanced tab.
  2. Change the Service Account Log Level.
  3. Click Save.

Troubleshoot asset data exports and imports

View status of imports and exports

On the Asset Home page, you can view a timeline of the recent imports and exports. The timeline contains each import, with one of the following statuses: 

  • : Scheduled
  • : Running
  • : Successful
  • : Error

View import and export logs

In the ZIP file that you download from the Help section, you can view logs for the data imports and exports. These logs are in the job directory:

ServiceNow exports

ServiceNow export logs are named with the following format: job/date_time_job#_servicenow_config#.log. If you enable Trace level logging on your ServiceNow configuration, numbered subdirectories, for example job/65, are created that contain all of the POST and GET requests for that job. See Add ServiceNow as a destination for more information about configuring logging.

Asset data imports

You can use these logs to view details about the scheduled runs that are occurring to import asset data from Tanium into your Asset database. Tanium data import logs are named with the following format: job/date_time_job#_tanium_1.log. For data you are importing from a database, import logs are named with the following format: job/date_time_job#_database_1.log. To change the log level for imports, see Configuring sources.

Disable imports and exports

Data imports and exports run on a configured schedule by default. You can disable this schedule to resolve issues, or run the import or export manually.

  1. From the Asset menu, go to Inventory Management > Schedules.
  2. Hover over the import or export schedule that you want to disable and click Edit .
  3. Clear the Run this connection on a defined schedule setting. Click Update.
  4. If you want to manually run an import or export, go to the Inventory Management > Schedules page. Hover over the import or export schedule and click Run Now.

Fix Error: MULTIPLE_DUPLICATE_RECORDS error message in ServiceNow log file

If you see an Error: MULTIPLE_DUPLICATE_RECORDS error message in the ServiceNow log file, contact your TAM to verify that the ServiceNow export mapping configuration is configured correctly.

  1. From the Asset menu, click Inventory Management > Destinations.
  2. Click Edit next to the destination.
  3. In the ServiceNow Export Mapping section, add the following property to the cmdb_ci_computer mapping:
    identificationFields: [
      [
        "name",
        "serial_number"
      ]
    ],
  4. Click Update.

Back up and restore the Asset database

You can back up or restore all configuration and Asset data. You might want to create a backup before making configuration updates. You must have the Tanium Administrator role to perform a backup operation.

  1. From the Asset Home page, click Settings , then the Database tab.
  2. To create a backup of the Asset database, click Back Up Database.
  3. Use the backups.
    • Download backup on local computer: Click Download Database Backup .
    • Restore database backup: Click Restore Database Backup . Before you restore, verify that no Asset destination exports or Tanium Connect connection runs are running. When you run the restoration, the current Asset database is backed up, the Asset service is shut down, the selected database is restored, and the Asset service is restarted. Any jobs that are running during the restoration process do not complete.
      If you want to restore the database on a different Module server, contact your TAM.
    • Delete a backup: Click Delete Database Backup .

Remove unneeded data from the Asset database

Delete assets

You can remove assets from your asset database. In a report that shows the assets you want to remove, select the rows and click Delete.

If the asset you deleted responds to the Asset saved questions in a subsequent load, the asset is re-added to the database.

Delete attributes

To delete an attribute, you must disable the attribute, then remove references.

  1. Disable the attribute.
    1. From the Asset menu, click Inventory Management > Attributes.
    2. Click Edit next to the attribute that you want to disable.
    3. Clear the Enabled setting. Click Save.
  2. Remove references to the attribute from all reports, views, permissions, and Service Now destinations.
    1. Click Delete next to the attribute that you want to remove.
    2. A list of known locations where the attribute is used is displayed. Click the link for each item, and edit the item to remove the use of the attribute.
    3. Click Refresh to list the remaining references.
  3. After you remove the references, type the name of the attribute to confirm its deletion. Click Delete Attribute.

The attribute is deleted from the Asset database on the next load of data from the data source.

Configure data retention and vacuuming

You can configure data retention and automatic vacuuming on the Asset database.

  1. From the Asset Home page, click Settings , then the Advanced tab.
    • To purge stale assets that have not been seen by Asset from the database, enable Purge Stale Assets. Then, indicate the age of stale data to remove. The minimum number is seven days.
    • To adjust the trigger and amount of work done during automatic vacuuming, adjust the Cost Limit and Scale Factor values. The Postgres VACUUM operation reclaims storage that is occupied by dead tuples. By default, the database is vacuumed when 1% of tuples are considered dead, and the cost limit (amount of work per vacuum cycle) is set to 1000.
  2. Click Save.

Uninstall Asset

  1. From the Main menu, click Solutions. Under Asset, click Uninstall. Click Proceed with Uninstall to complete the process.
  2. Remove Asset Tools from your endpoints. To see which endpoints have the file evidence tools installed, ask the question: Get Asset File Evidence Status from all machines. If you want to clean the artifacts from your endpoints, contact your TAM.
  3. A backup asset-files folder gets created as part of the uninstall process. You can keep or delete this folder. If any other Asset artifacts remain on your Module Server, contact your TAM.
  4. Remove Asset saved questions. You can remove saved questions that meet all the following conditions: 
    • Owned by the service account you configured for Asset
    • AND the name of the saved question starts with Asset
    • AND is in the Asset content set
  5. Remove Asset scheduled actions. Delete the Asset Deploy Collect Active Directory Info scheduled action that is created by the service account and running the Asset Collect Active Directory Info package.
  6. Remove Asset action group. After the action group is empty, you can delete the Tanium Asset action group.

Contact support

To contact Tanium Support for help, send an email to [email protected].